General
Target: 9e2c5b22680ba4bbd6a878359de06f25_JaffaCakes118
Size: 473KB
Sample: 240403-dep33sec49
MD5: 9e2c5b22680ba4bbd6a878359de06f25
SHA1: 0fd148f8548e00ce55546cb8f47c7ed45a91b33d
SHA256: 76ae8a066744d281de1a7b1db736994aee95488fdf4bb8721f82348236e87521
SHA512: bba4977afd82b635fc2f4071996d7dc501afe80ad8c92da202559b0966182b2394e64c963dcdc8efa3871f65e54460f26b8b226db01c1e67752e7cd2a58b82d6
SSDEEP: 6144:c2VKqAFfdPb+Gg+RxG5Rq8OC8zo3mV2Ex5SjOSB48OYIOqC1cJsoDvjllYj:BVKqAFfdKGleRTOiI76jG8OYIx4Svoj
Static task
static1
Behavioral task
behavioral1
Sample
9e2c5b22680ba4bbd6a878359de06f25_JaffaCakes118.exe
Resource
win7-20231129-en
Malware Config
Extracted
xloader
2.5
s9ns
Targets
-
-
Target
9e2c5b22680ba4bbd6a878359de06f25_JaffaCakes118
-
Xloader payload
-
Suspicious use of SetThreadContext
-