General
-
Target
e8ffcbc409061c90c88be282c1b8b0d0_JaffaCakes118
-
Size
843KB
-
Sample
240409-cwgbtsfc6v
-
MD5
e8ffcbc409061c90c88be282c1b8b0d0
-
SHA1
84ff0763b0464abd121f06599cf3c5ee739fa3f9
-
SHA256
93e54839118561584c3e736d6b03acfbec1373cfe5b9b9dffdb3d57e96be7d4a
-
SHA512
e3b8c38d8cbfcefa876b5055eb1dce48f261eca1f8ab32d6ac8cb559389ba5700cdef8e5f382b408a1fb1e1c9cfc03ba9fd05d92feef5358a1f2aca1efc2e1b3
-
SSDEEP
24576:dw2KSb9kgF16bJtrEMYPzPeglLG6EmdG9tMRdbur:bKykk4AMYPzGV7MRdq
Static task
static1
Behavioral task
behavioral1
Sample
e8ffcbc409061c90c88be282c1b8b0d0_JaffaCakes118.exe
Resource
win7-20240221-en
Malware Config
Extracted
xloader
2.3
n58i
nl-cafe.com
votetedjaleta.com
britrobertsrealtor.com
globipark.com
citysucces.com
verisignwebsite-verified.com
riddlepc.com
rosecityclimbing.com
oleandrinextract.com
salmankonstruksi.com
needhamchannel.com
refreshx2z.com
youth66.com
pla-russia.com
halloweenmaskpro.com
exdysis.com
1gcz.com
lookgoodman.com
rlxagva.com
stlcityc.com
writingleagues.com
biodunandewaoluwa.com
whitepetalsboutiques.com
idirtivio.com
ministerioslodj.com
bachelors.win
floortak.co.uk
naturaldogseltzer.com
hypermediarus.online
grandrapidsvirtualboatshow.com
usabrokersgroup.net
marketlala.com
5923599.com
oldhousechicago.com
crucial.company
chickaboom.net
fashionelixirs.com
robertstevensonphotography.com
goddessruby.com
hostings.company
freeganyachtclub.com
shierxing.com
sfca01.com
ahhtcd.com
yournumberoneteam.com
w88linklogin.com
worldchampsfootball.club
arcadems.com
rutroms.club
oxfordholidaycottage.com
science-laboratory.info
wecarefamilyphysicians.com
cdaaesthetics.com
defyesthetics.com
haselwoodvwevents.com
promoterss.com
gromov-plc.com
themaximogroup.com
litlidin.com
guangheng-sh.com
cashcowlending.com
foxelpie.com
bppublicschool.com
terapiademuerdago.com
mack3sleeve.com
Targets
-
-
Target
e8ffcbc409061c90c88be282c1b8b0d0_JaffaCakes118
-
Size
843KB
-
MD5
e8ffcbc409061c90c88be282c1b8b0d0
-
SHA1
84ff0763b0464abd121f06599cf3c5ee739fa3f9
-
SHA256
93e54839118561584c3e736d6b03acfbec1373cfe5b9b9dffdb3d57e96be7d4a
-
SHA512
e3b8c38d8cbfcefa876b5055eb1dce48f261eca1f8ab32d6ac8cb559389ba5700cdef8e5f382b408a1fb1e1c9cfc03ba9fd05d92feef5358a1f2aca1efc2e1b3
-
SSDEEP
24576:dw2KSb9kgF16bJtrEMYPzPeglLG6EmdG9tMRdbur:bKykk4AMYPzGV7MRdq
-
Xloader payload
-
Suspicious use of SetThreadContext
-