General
Target: b168bef200eee22c281c1a830cd4bf80_JaffaCakes118
Size: 463KB
Sample: 240404-ghvdragf97
MD5: b168bef200eee22c281c1a830cd4bf80
SHA1: b086e5ae3f1a2e8f1b9cd614794f5f3cd8c52887
SHA256: d405dd06ed1a965eb9029d7982286ac11bdf029a587dd64e3b49c72fc0f0a696
SHA512: 55dba8012bddf5bd5467176e2eed1d4b9e75c6ee10dc16464aa43ee0a079be6e8fc1f9ab5007f650433ccd55a8d5b1c128ccb44d0dd5f7c864f44f6c222821ba
SSDEEP: 12288:GunzUi2iNVqu9r3y2xY9pDJ7mNUMrr24xxfXqtDr:GunzUi1zT9rCEY9VBmNB/nCD
Static task: static1
Behavioral task: behavioral1
Sample: b168bef200eee22c281c1a830cd4bf80_JaffaCakes118.exe
Resource: win7-20240221-en
Malware Config
Extracted
Family: xloader
Version: 2.5
r3n5
Targets
Target: b168bef200eee22c281c1a830cd4bf80_JaffaCakes118
Size: 463KB
Signatures:
Xloader payload
Suspicious use of SetThreadContext