General
-
Target
27109f0d4d1e1d20d4a64245bc6604b4_JaffaCakes118
-
Size
672KB
-
Sample
240508-2nr6ssdh65
-
MD5
27109f0d4d1e1d20d4a64245bc6604b4
-
SHA1
ea65d2ff984d14641ee9197ee4bbdbcaf59109e3
-
SHA256
c2276e1e74e979f62298ebfdeab3d4f2ab94ef8d589026e359d88936b9013f40
-
SHA512
8ae5a44c1dfb75aaa798b8102e9cdac3540a500926558ceb86c755804ace9b31dc75d90828d08045708c0fe1bb3f5b5c9073a9d35cc73187cc07a8ed70037d9e
-
SSDEEP
12288:IBI4thq6QbSNnW0/VKjONRh7cMF5S4AhUO4anx8GJ4+IDRfr08/d5cam:IBJQz6W0tIi7cMFkf8ax/URfrL7ca
Static task
static1
Behavioral task
behavioral1
Sample
27109f0d4d1e1d20d4a64245bc6604b4_JaffaCakes118.exe
Resource
win7-20240220-en
Malware Config
Extracted
xloader
2.1
p980
Targets
-
-
Target
27109f0d4d1e1d20d4a64245bc6604b4_JaffaCakes118
-
Xloader payload
-
Suspicious use of SetThreadContext
-