General
-
Target
b50f2ee58a34c1e367450e1e2bc107bf_JaffaCakes118
-
Size
247KB
-
Sample
240404-lqjz7sbf51
-
MD5
b50f2ee58a34c1e367450e1e2bc107bf
-
SHA1
9a5bc255948f7b16eb3d109808d8d1bafd1f6070
-
SHA256
12fa6c4f9dc345eca587fe606caf9a5eccfcdc5456b2617ec17b1b1f1e06d24a
-
SHA512
fc3aed1caf7cdc271bfca44c8a7bcb254c7331f882c2a5903be7e9921ce71563dcfe305ed0f24838707f30909fa5cbb60854a187e46dc308bbb2c206a71148bb
-
SSDEEP
6144:wBlL/cO5N8NT5W5DK4ZJzUhzmAsSQ75tRb3Mmuw7mc2tRsjyaEWj0kC:CeOIrqDK4ZZUz8SQfRbPJmc2TWIN
Static task: static1
Behavioral task: behavioral1
Sample: b50f2ee58a34c1e367450e1e2bc107bf_JaffaCakes118.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: b50f2ee58a34c1e367450e1e2bc107bf_JaffaCakes118.exe
Resource: win10v2004-20240226-en
Behavioral task: behavioral3
Sample: $PLUGINSDIR/gibh.dll
Resource: win7-20231129-en
Behavioral task: behavioral4
Sample: $PLUGINSDIR/gibh.dll
Resource: win10v2004-20240226-en
Malware Config
Extracted
xloader
2.5
u9xn
Targets
-
-
Target
b50f2ee58a34c1e367450e1e2bc107bf_JaffaCakes118
-
Size
247KB
-
Xloader payload
-
Loads dropped DLL
-
Suspicious use of SetThreadContext
-
-
-
Target
$PLUGINSDIR/gibh.dll
-
Size
27KB
-
MD5
6a6e5ce1da420ef522bed80375260881
-
SHA1
acc4a1f85c397d6b93ba69f43182cbaf8d9cd768
-
SHA256
829d331503e630301cb7e037a7e451e5e697db9573ee5ea5e2e2e2e5d195e6b1
-
SHA512
1f1bdab25301ac57cd5d796557625a6a812900f01c44bf391fa1052f5fecf05b8c8edcb80b44ab1a7e4a74943aa722fc801b28e1212e6858c4d8b7b8d64f7102
-
SSDEEP
768:rCSGFyjZQMA7VpLHqQC8Wna8x8/hBSwXo:ri7jHqQ6l85BdXo
Score: 3/10