General
-
Target
ee10aa40ce9a309ed5311465c3c8ccae_JaffaCakes118
-
Size
993KB
-
Sample
240411-w2tc5acf7t
-
MD5
ee10aa40ce9a309ed5311465c3c8ccae
-
SHA1
42f88403038ed536fa7338b8613ad5e790e4295d
-
SHA256
f7c1ecf2c6e90d8a9a0ac0972b0ab02ca809a85da65d51b46f56a4c81cc4996e
-
SHA512
4904e4125a8e07b94314d899418d0a0b809108f6597796a0693ab8770c78113507e1c94449141254c94471f91bc481ab6b903437fbc0d32ba8ee6f6abf316867
-
SSDEEP
12288:XbWmOYtLmS5fm1/mDDc9F3nC0Py3gAh46gsCipjave3cJ/5u0towdiYcbhSBmE/f:XhyANgRi8Y05hFbz8XR3O
Static task
static1
Behavioral task
behavioral1
Sample
ee10aa40ce9a309ed5311465c3c8ccae_JaffaCakes118.exe
Resource
win7-20240221-en
Malware Config
Extracted
xloader
2.3
ssee
portalcanaa.com
korzino.com
dlylms.net
smartearphoneshop.com
olimiloshop.com
auvdigitalstack.com
ydxc.chat
yhk868.com
lifeinthedport.com
self-sciencelabs.com
scandicpack.com
hold-sometimes.xyz
beiputei.com
yourrealtorcoach.com
rxods.com
fundsoption.com
ahlstromclothes.com
ksdieselparts.com
accountmangerford.com
kuwaitlogistic.com
xuanthanhpham.com
uybike.com
babyacademycy.com
zhongbuwujin.com
reclaimminnesota.net
yurunhuatian.com
eigowith.com
pharmviewfarms.com
mcmillan-phillips.com
xinkseo.com
dabaichuihl.com
modifiedmkt.com
magnificocreative.com
energytrainingireland.com
special-beauty.net
solutionexperts.xyz
upstaff.info
taravelis.online
lushthingz.com
harwestco.com
126034cp.com
lamdep-gluwhitevn.website
megenep.com
upperreceiver.com
healthywayservices.com
groupebpcenatixis.com
blackledorganizations.net
carolinasoares.com
bureaultd.com
smartcontractlegalfirm.com
perfecshipping.com
aktarbaba.com
bulukx.com
wazolerino.info
account.farm
skstchers.com
perwiranusa.com
ourtown.directory
cuidomiforma.com
thecodestage.com
0898htt.com
yamalo.club
hdzj365.xyz
canaldotenis.com
idt-metrofireandsecurity.com
Targets
-
-
Target
ee10aa40ce9a309ed5311465c3c8ccae_JaffaCakes118
-
Size
993KB
-
MD5
ee10aa40ce9a309ed5311465c3c8ccae
-
SHA1
42f88403038ed536fa7338b8613ad5e790e4295d
-
SHA256
f7c1ecf2c6e90d8a9a0ac0972b0ab02ca809a85da65d51b46f56a4c81cc4996e
-
SHA512
4904e4125a8e07b94314d899418d0a0b809108f6597796a0693ab8770c78113507e1c94449141254c94471f91bc481ab6b903437fbc0d32ba8ee6f6abf316867
-
SSDEEP
12288:XbWmOYtLmS5fm1/mDDc9F3nC0Py3gAh46gsCipjave3cJ/5u0towdiYcbhSBmE/f:XhyANgRi8Y05hFbz8XR3O
-
Xloader payload
-
Suspicious use of SetThreadContext
-