General
-
Target
edb54a30972b862cfba8589bb1f67c7e_JaffaCakes118
-
Size
425KB
-
Sample
240411-sg2bfsdh97
-
MD5
edb54a30972b862cfba8589bb1f67c7e
-
SHA1
7f3b9b36342bb863950e592063db38cd2c3f8bb9
-
SHA256
856b8775a8063900378a815cd03d0f9628c4296eddd93ac9e9cd52269178c079
-
SHA512
51f1e192a0f06472c5bf3da68e511d1112dd61a8a429aeb14c39e3d8e05b0448b5086d4367a2953b3dbbaa453faac63aa4319127aa9944e68334322cc6bc8f42
-
SSDEEP
12288:S0SrZ2vE4MtuTN6GLMX3a9sO81joauMuB3fj:Sf2vE9tuPgHa2O8hoauMuB
Static task
static1
Behavioral task
behavioral1
Sample
edb54a30972b862cfba8589bb1f67c7e_JaffaCakes118.exe
Resource
win7-20240221-en
Malware Config
Extracted
xloader
2.5
amb4
ameerkabob.com
wenzhikeji.online
ktnsoil.xyz
dock7rods.com
simbaimmigration.com
tanahvilamalino.online
amaozn-co-jp.xyz
atahukukbafra.com
attruth.net
jigservices.net
310indianway.com
freelotto.online
mylanding-page.com
dudemealprep.com
wellmaintainedhealth.com
vitemonprenom.com
laurynfauntroy.com
pilotmom.info
arpatientsapp.com
sendangdigital.com
supportkey.xyz
freshoffthefire.com
pokorny.industries
abdullahbinfalajstore.com
waterhammerstudios.com
hellocs.xyz
sdsshy.com
eid.paris
zhuoyu168.com
merchantsimplicity.net
evasiebenhaar.com
mlnettoayage.com
snorecareclinic.com
sequimapartment.com
egmetaverse.com
costalitaestepona2d.com
foxwodds.com
tasteofstraddie.com
jutaiminer.com
heavyverse.com
webuycodes.com
humanassetcapital.info
experienceanewromantic.com
fellasies.com
immsyvisuals.com
taiwanlongyu.com
04mpt.xyz
buck100.com
nevenieiker.quest
villagestreetwear.com
emeraldcoastmcdonalds.com
nomanproject.xyz
798791.com
megmonroe.com
agreeablebeauty.com
captainscookcasino.com
nlbydcg.xyz
appcast-65.com
lowesoneroofmedianetwork.us
franksmaintenanceplusllc.net
cesmedeyatkirala.com
kuzeykibrissatilik.com
cryptorickclub.art
alexiscomputers.com
shopmew.com
Targets
-
-
Target
edb54a30972b862cfba8589bb1f67c7e_JaffaCakes118
-
Size
425KB
-
MD5
edb54a30972b862cfba8589bb1f67c7e
-
SHA1
7f3b9b36342bb863950e592063db38cd2c3f8bb9
-
SHA256
856b8775a8063900378a815cd03d0f9628c4296eddd93ac9e9cd52269178c079
-
SHA512
51f1e192a0f06472c5bf3da68e511d1112dd61a8a429aeb14c39e3d8e05b0448b5086d4367a2953b3dbbaa453faac63aa4319127aa9944e68334322cc6bc8f42
-
SSDEEP
12288:S0SrZ2vE4MtuTN6GLMX3a9sO81joauMuB3fj:Sf2vE9tuPgHa2O8hoauMuB
-
Xloader payload
-
Suspicious use of SetThreadContext
-