General
- Target: b3580fc99e1418bfff88a27476bff8d5_JaffaCakes118
- Size: 401KB
- Sample: 240404-j7bn2sab6w
- MD5: b3580fc99e1418bfff88a27476bff8d5
- SHA1: 18545c7e2f533945c6c5113686a1e8f049500020
- SHA256: 8c813fa41f5f1341dac70ff4c3473d6447c0bd0eb6c87cf77ab62a864dcd2674
- SHA512: cb21df7c4c70272f5693b5d389ba2a0d2a2bd988a113211b31f980113f0c95fdea886cc6ec7ee29e64c175cc86d311b4670475762603a38b9a53cdc2f1080c1c
- SSDEEP: 6144:p3M+/sYvqQ0WFmrkFib5uMuNXqvmwGc7kcFVpNB+aUkpETmQB+OGWRt9TS/Ks3JU:p3ZRCfXrgi1qVSGc7fNB1pKB+cOKs5U
Static task
- static1
Behavioral task
- behavioral1
- Sample: b3580fc99e1418bfff88a27476bff8d5_JaffaCakes118.exe
- Resource: win7-20240221-en
Malware Config
Extracted
- Family: xloader
- Version: 2.5
- Campaign: huve
Targets
- Target: b3580fc99e1418bfff88a27476bff8d5_JaffaCakes118
- Xloader payload
- Suspicious use of SetThreadContext