General
-
Target
af581caf268f7ad9def31b477f8349a3_JaffaCakes118
-
Size
645KB
-
Sample
240404-etndgaed5v
-
MD5
af581caf268f7ad9def31b477f8349a3
-
SHA1
02e41c7fdb8d32c8f764a16913bd7afa44a7d0c9
-
SHA256
bec65782844355875f88723419b44dc543ba07b83c8a339036f79e39364493c6
-
SHA512
7c77a374c6b5cbd812a754aa28d7e09c03881bd1742e412701c7ab235b01cf65395ba0c87d23a85f0bf7877e82db6ed4a5971b62b5487bf03f4ebaa01c09d70a
-
SSDEEP
6144:7Re+8T84g/mBpd8qV2A8RwR1zAd2pxKF5eEnTSab5UAVZV7TrUynqCCdr0yNukaP:72TOmxDgA+KY2/en7UOV1qCfF
Static task
static1
Behavioral task
behavioral1
Sample
af581caf268f7ad9def31b477f8349a3_JaffaCakes118.exe
Resource
win7-20231129-en
Malware Config
Extracted
xloader
2.5
gnui
Targets
-
-
Target
af581caf268f7ad9def31b477f8349a3_JaffaCakes118
-
Xloader payload
-
Suspicious use of SetThreadContext
-