General
-
Target
c357a8010e661a49df2e813bd22590b6_JaffaCakes118
-
Size
329KB
-
Sample
240404-2cyt7scd96
-
MD5
c357a8010e661a49df2e813bd22590b6
-
SHA1
08ecd005e1449ec97d0405e83649686ae35f6286
-
SHA256
eef137583da6deb4a1be9882cede6cec5112b74ae79c0773f45b13346c5b2890
-
SHA512
71957a0cd597213808b15b1abe9ce3df07889627b4a1b849362df07de6da3984803c6b2e6487338375a558dc9c1f0db32aee42fde89cee305078c22d6b92890e
-
SSDEEP
6144:YaX+sbCdgMkhBJDxtvArlcq90N9prggZmNqoPjLfsPbU9wgJlhjb3BB5NAwg6oBm:Y/pd7SBBArlMN9FsrPXETWwa53BB5NAk
Static task
static1
Behavioral task
behavioral1
Sample
c357a8010e661a49df2e813bd22590b6_JaffaCakes118.exe
Resource
win7-20240221-en
Malware Config
Extracted
xloader
2.5
ag9v
Targets
-
-
Target
c357a8010e661a49df2e813bd22590b6_JaffaCakes118
-
Xloader payload
-
Suspicious use of SetThreadContext
-