General
-
Target
f1778e10ebe79d43824716896d407a07_JaffaCakes118
-
Size
1.2MB
-
Sample
240415-tqhq5sch7s
-
MD5
f1778e10ebe79d43824716896d407a07
-
SHA1
ec03537af042f6fc51b2b6cfb87107e09f22f6a6
-
SHA256
debf9ef658a9abcc44b0d3e2d4949a2bc5f46d85c4ce44a1ad5c93c329ed62a2
-
SHA512
a8aaf3167a1f85bb287abb94262231bec92a8ea9817445f411a5f6c81e88eeccb749a74167dc9d8ec9aab31c19bd3926297f8586a3c5e5d89866be371f940d69
-
SSDEEP
24576:AhOsBgo0q4wMfBmCmTOUd+L6kvXWcr539JcsjEwJQwyRVBT:AYoHMpmCm6Ud+zvXPr539Tj7mwypT
Static task
static1
Behavioral task
behavioral1
Sample
f1778e10ebe79d43824716896d407a07_JaffaCakes118.exe
Resource
win7-20240221-en
Malware Config
Extracted
xloader
2.3
rqe8
bjft.net
abrosnm3.com
badlistens.com
signal-japan.com
schaka.com
kingdompersonalbranding.com
sewmenship.com
lzproperty.com
mojoimpacthosting.com
carinsurancecoverage.care
corporatemercadona.com
mobileswash.com
forevercelebration2026.com
co-het.com
bellesherlou.com
commentsoldgolf.com
onlytwod.group
utesco.info
martstrip.com
onszdgu.icu
progress-ai.com
flood-pictures.com
theyerpa.com
roicjhy.icu
have-boyscout-yg.com
neosimplerack.com
foofloin.com
nielsentrust.com
digitalwt.com
astaxanthinsaveme.com
hashseries.com
asesoriasyh.com
sun5new.com
domain-here.com
joshuasklarvoices.com
thecoregr.com
dreamstatebedding.com
archostekton.com
10612crestondr.com
wallfeez.com
azamdairy.com
allied-products.com
jingxinlt.com
sometingwild.com
timhafun.net
meesowell.com
betteryou999.com
theslut.net
lifewithken.com
workhardrrhh.com
meatbeoff.com
influencerflywheel.com
qzzstz.com
toewsontherun.com
esperienzahotels.com
codemybm.com
medanchess.com
greenfeltfox.com
towinggodfreyil.net
gamersgangbd.com
move-views.com
spezialitat.com
dreammyteepe.com
sheltoncannabis.com
steveblexrud.com
Targets
-
-
Target
f1778e10ebe79d43824716896d407a07_JaffaCakes118
-
Size
1.2MB
-
MD5
f1778e10ebe79d43824716896d407a07
-
SHA1
ec03537af042f6fc51b2b6cfb87107e09f22f6a6
-
SHA256
debf9ef658a9abcc44b0d3e2d4949a2bc5f46d85c4ce44a1ad5c93c329ed62a2
-
SHA512
a8aaf3167a1f85bb287abb94262231bec92a8ea9817445f411a5f6c81e88eeccb749a74167dc9d8ec9aab31c19bd3926297f8586a3c5e5d89866be371f940d69
-
SSDEEP
24576:AhOsBgo0q4wMfBmCmTOUd+L6kvXWcr539JcsjEwJQwyRVBT:AYoHMpmCm6Ud+zvXPr539Tj7mwypT
-
CustAttr .NET packer
Detects CustAttr .NET packer in memory.
-
Xloader payload
-
Suspicious use of SetThreadContext
-