General
Target: b8278e92923b15789354b41cc89b638f_JaffaCakes118
Size: 249KB
Sample: 240404-pgzwvaeh31
MD5: b8278e92923b15789354b41cc89b638f
SHA1: 9e4dc8a87d8ca82c8220ff05abed303e899b3822
SHA256: 0bb2dadcdeaff57f676d59b05cf9a787669403dceabe43fd008995b2a0a8b9dd
SHA512: 6c948ef9eb3781aca24ab411d4bba93fff5ec052baa622b9fcb026edd3ead6098b5e371381cc398c91fae92ae9ac308450e08515a47d3b2b2ded682c51715418
SSDEEP: 6144:wBlL/ctqWfthdLZMNnOasGazR/Ejfk7gfPDZJElCI/hNEt1A:CetqWfdV+LDaF8DgWDZUCI/EzA
Static task: static1
Behavioral task: behavioral1
  Sample: b8278e92923b15789354b41cc89b638f_JaffaCakes118.exe
  Resource: win7-20240221-en
Behavioral task: behavioral2
  Sample: b8278e92923b15789354b41cc89b638f_JaffaCakes118.exe
  Resource: win10v2004-20240226-en
Behavioral task: behavioral3
  Sample: $PLUGINSDIR/ukjqjohi.dll
  Resource: win7-20240221-en
Behavioral task: behavioral4
  Sample: $PLUGINSDIR/ukjqjohi.dll
  Resource: win10v2004-20240226-en
Malware Config
Extracted
xloader
2.5
noha
Targets

Target: b8278e92923b15789354b41cc89b638f_JaffaCakes118
Size: 249KB
MD5: b8278e92923b15789354b41cc89b638f
SHA1: 9e4dc8a87d8ca82c8220ff05abed303e899b3822
SHA256: 0bb2dadcdeaff57f676d59b05cf9a787669403dceabe43fd008995b2a0a8b9dd
SHA512: 6c948ef9eb3781aca24ab411d4bba93fff5ec052baa622b9fcb026edd3ead6098b5e371381cc398c91fae92ae9ac308450e08515a47d3b2b2ded682c51715418
SSDEEP: 6144:wBlL/ctqWfthdLZMNnOasGazR/Ejfk7gfPDZJElCI/hNEt1A:CetqWfdV+LDaF8DgWDZUCI/EzA
- Xloader payload
- Loads dropped DLL
- Suspicious use of SetThreadContext

Target: $PLUGINSDIR/ukjqjohi.dll
Size: 28KB
MD5: 4a461edac312daf734fc0b0a1e7d1169
SHA1: bf3f1e23bf93340481bf8abf4338db4d4a22df27
SHA256: 47d6f407abc8d7fe10076e0ef6dbf7f2d843e2e481a280ec79d58f1edf06574b
SHA512: 3544e5fe8c2de40ca5c1f494c0b3bf7996aeefde05edc1041eed5592f3d07aa5e2741bfd253bb875c4440e673fdc0c3b574d98287b696ef5b2b40c45d64f24f1
SSDEEP: 768:ol7pb0KAbav/xDCKHj13xDv//6bbtxD7:6OL2xvXMTD7
Score: 3/10