General

- Target: c973e16041f13ff85a30dfe58b3bf5ad_JaffaCakes118
- Size: 590KB
- Sample: 240405-dyp77abf34
- MD5: c973e16041f13ff85a30dfe58b3bf5ad
- SHA1: 84347bc4172c4c8bc36ce2b6d6916b5a5f567dbe
- SHA256: e4f8b98f8e13c39a8a37fe7f2ac39f76790ae154a1a47941d889c663675e970e
- SHA512: 19ea24c207115fd315da6ffcd32127c3304f1d1889691c213815bafd23f6cbadc805392af5d6bc731b0286e97a422cd7b6a38c3f5e4f798d557656122b38b6ae
- SSDEEP: 12288:boOc8IzcXhvYQ/H7zSg1fyyVtW8TjZWCZtixuTt1Im2vg0:XFKc3tZWyXTt1Iw
Static task: static1

Behavioral task: behavioral1
- Sample: c973e16041f13ff85a30dfe58b3bf5ad_JaffaCakes118.exe
- Resource: win7-20231129-en
Malware Config

Extracted
- Family: xloader
- Version: 2.5
- Campaign: i6rd
- C2 domains:
ritotvmount.xyz
szxhpfk.com
yatakturkiye.com
belugacdn.xyz
doralopen.com
gongzyrxzlhurhhhvdclmddi.store
lyvconsulting.com
it-pampering.com
weerwi.com
phdelivery1.store
neofluentsurf.com
lainsurance.xyz
ietaricardocastellarbarrios.com
despachantemedeiros.digital
madnext.online
serenity.holdings
rfvb.club
nickroche.online
hnjst.net
wolkeverts.quest
threepercentapparelllc.com
redstaterevival.com
fortunetomb.com
playfunarena.com
spares245.com
dot925.com
moukse.com
4h0.space
0205168.com
canoliveoilgobad.info
7874515.com
babysecurity.online
grenaliacikinihotel.xyz
znffutve.net
play-to-escape.com
crumplepkljfl.xyz
apostolicbusinesses.com
drmorakchungna.com
tantrapremmoksha.com
ivebeenalone.xyz
newonedrivedocc.com
psmdt.com
clashgame.com
red24bags.com
serviciosgeneralesjba.online
puyallupapartment.com
gzfj888.com
swalayan.digital
marmywordsclo.com
skykiss.one
berylgrote.top
tourparadice.com
arrhythmics.online
lapetiteagencequimonte.com
teamalpha-jaal.com
legalnewsreach.com
blueeyesnewsoutlook.com
goldener-adler-automobile.club
carsonstanford.net
rjrctr.com
laced.xyz
lenyleon.com
calvetpau.store
thebiggreen.today
csuiteweekly.com
Targets

- Target: c973e16041f13ff85a30dfe58b3bf5ad_JaffaCakes118
- Size: 590KB
- MD5: c973e16041f13ff85a30dfe58b3bf5ad
- SHA1: 84347bc4172c4c8bc36ce2b6d6916b5a5f567dbe
- SHA256: e4f8b98f8e13c39a8a37fe7f2ac39f76790ae154a1a47941d889c663675e970e
- SHA512: 19ea24c207115fd315da6ffcd32127c3304f1d1889691c213815bafd23f6cbadc805392af5d6bc731b0286e97a422cd7b6a38c3f5e4f798d557656122b38b6ae
- SSDEEP: 12288:boOc8IzcXhvYQ/H7zSg1fyyVtW8TjZWCZtixuTt1Im2vg0:XFKc3tZWyXTt1Iw

Signatures
- Xloader payload
- Suspicious use of SetThreadContext