General
Target: f9bfc7f212a6cd22360e1490f555fbdd_JaffaCakes118
Size: 349KB
Sample: 240419-hpd6sabc95
MD5: f9bfc7f212a6cd22360e1490f555fbdd
SHA1: 24ea648fde606a1ace9716649b9dc2e40ed90b21
SHA256: 427b6129f42722d768ebf07bcd966939120313f08e3c5b0c857644f6c2a51693
SHA512: 6da89c186e10f47c664a2c633b22deae1dad36a8eaa8b2c3d1d3c882e13d56c79f6f65eb7d2252c2ed37ac081d23008553867f2a3c37cd98a829434d14e1527b
SSDEEP: 6144:V4gfheNKl88ef0pNNZ9N2sHjvXIDRqzFQboylBMZ4inoMvXClY:V8Nmqf0ZZPSiEo54ino1C
Static task: static1

Behavioral task: behavioral1
Sample: f9bfc7f212a6cd22360e1490f555fbdd_JaffaCakes118.exe
Resource: win7-20240221-en

Behavioral task: behavioral2
Sample: f9bfc7f212a6cd22360e1490f555fbdd_JaffaCakes118.exe
Resource: win10v2004-20240412-en
Malware Config (extracted)
Family: xloader
Version: 2.5
Campaign: ntfs
Domains:
cast-host.com
sheenwoman.com
cateringpairs.com
butikgamis.com
esd66.com
beautystaze.com
findavetnearme.com
lyketigers.com
nesboutiqe.com
jadeutil.com
survivalfresh.com
realestatebramlett.com
glorynap.com
awards.institute
huangtapps.com
beyondwithyou.com
cryptocustomerhelp.com
plataformasoma.net
lstpark.com
noalareelecionindefinida.com
supersconti.xyz
emotors-invoice.com
adamelsouk.com
pellondo.com
itstimewashington.com
ss9n.xyz
wecuxs.com
wonderfulwithyou.com
livetvnews24.com
humanblessings.com
soins-sophro.website
pailuanshizhi.com
balanzasdeplataformaperu.com
wingboxonline.com
importexportjessi.com
revenberggmemergencyupgrade.com
comicvan.com
docomoaj.xyz
accelerate6.com
englishforbreakfast.com
braapboxclub.com
damana-vetements.com
corinnewehby.com
tonesify.com
growversa.com
cemetrasbeautyboutique.com
newbalancecore.xyz
cqguipu.com
vdcasinolinkegit.club
sednayachts.com
alinatargetpro.com
pawcomart.com
aisle5.store
dayinburgas.com
c2batxpvme9ey3poams7369.com
everythingby-b.com
laliinparfumeri.com
ntwapedi.com
mrbubblesftlauderdale.com
averiansmom.com
ipelle.com
waiting-game.com
online-security.support
hartfortlife.com
164661.com
Targets
Target: f9bfc7f212a6cd22360e1490f555fbdd_JaffaCakes118
Size: 349KB
MD5: f9bfc7f212a6cd22360e1490f555fbdd
SHA1: 24ea648fde606a1ace9716649b9dc2e40ed90b21
SHA256: 427b6129f42722d768ebf07bcd966939120313f08e3c5b0c857644f6c2a51693
SHA512: 6da89c186e10f47c664a2c633b22deae1dad36a8eaa8b2c3d1d3c882e13d56c79f6f65eb7d2252c2ed37ac081d23008553867f2a3c37cd98a829434d14e1527b
SSDEEP: 6144:V4gfheNKl88ef0pNNZ9N2sHjvXIDRqzFQboylBMZ4inoMvXClY:V8Nmqf0ZZPSiEo54ino1C

Signatures
Xloader payload
Checks computer location settings: looks up the country code configured in the registry, likely a geofence.
Suspicious use of SetThreadContext