General
-
Target
f2654cd7598c850ba9229ce85998b556_JaffaCakes118
-
Size
1.1MB
-
Sample
240416-b4actaga9w
-
MD5
f2654cd7598c850ba9229ce85998b556
-
SHA1
6108ca584686f895fe949878af699e846cbe19d0
-
SHA256
a580a0ff9f6c6a6120632d565e69978de243842368c34c3f2abb3de3f441e06b
-
SHA512
d911bab4267a5ff0907f09e5fe4a3c22e18452659e0af17bc9dc719ba5fb27e2863429cf28debe11597209c15cb22a4c7226310f5dd2ff2984030e91fa7051c0
-
SSDEEP
24576:odS/d31Kzks8ks21oODt9HJcPNoPZBUK3ITy8jh8N6ZN:JKDBxfQK30ON6ZN
Static task
static1
Behavioral task
behavioral1
Sample
f2654cd7598c850ba9229ce85998b556_JaffaCakes118.exe
Resource
win7-20231129-en
Malware Config
Extracted
xloader
2.3
p596
ushistorical.com
lovepropertylondon.com
acupress-the-point.com
3772548.com
ambientabuse.com
primaveracm.com
themidwestmomblog.com
havasavunma.com
rockyroadbrand.com
zzphys.com
masque-inclusif.com
myeonyeokplus.com
linkernet.pro
zezirma.com
mysiniar.com
andreamall.com
mattesonauto.com
wandopowerinc.com
casaurgence.com
salishseaquilts.com
yourchanceisnow.com
tumulusresearch.com
blendandspend.com
pevention.com
cloudrevolutionawards.com
beadedbodied.com
marylandpaymentrelief.net
5935699.com
silverleafcompanies.com
slxxxhub.com
combatstriking.com
sex-shop.life
cuncunkan.com
italiamo-magagine.com
sfvoterguide.com
2012boulevard.com
mslookbook.com
897tj1.net
cgslnc.net
kashyaptalkz.com
researchcse.com
lunzhu168.com
mlfkt.com
customcardstudio.com
kirklandramblerforsale.com
magetu.info
wptheme247.com
purposedenver.com
journaldelaphotographie.com
yieldwadi.site
mobilefriendlysites.com
ocularjournal.com
consigli.energy
infintylights.com
itcohempproject.com
montcairo.net
allegrohascockroaches.com
flexbandofficial.com
greatindiapropertyshow.com
kabin-fever.com
designsoc.com
javlao.com
controltower.services
masihsarap.com
lapashawhite.com
Targets
-
-
Target
f2654cd7598c850ba9229ce85998b556_JaffaCakes118
-
Size
1.1MB
-
MD5
f2654cd7598c850ba9229ce85998b556
-
SHA1
6108ca584686f895fe949878af699e846cbe19d0
-
SHA256
a580a0ff9f6c6a6120632d565e69978de243842368c34c3f2abb3de3f441e06b
-
SHA512
d911bab4267a5ff0907f09e5fe4a3c22e18452659e0af17bc9dc719ba5fb27e2863429cf28debe11597209c15cb22a4c7226310f5dd2ff2984030e91fa7051c0
-
SSDEEP
24576:odS/d31Kzks8ks21oODt9HJcPNoPZBUK3ITy8jh8N6ZN:JKDBxfQK30ON6ZN
-
CustAttr .NET packer
Detects CustAttr .NET packer in memory.
-
Xloader payload
-
Suspicious use of SetThreadContext
-