General

Target: 9609200e202f371c2e981de8674c0374_JaffaCakes118
Size: 210KB
Sample: 240814-n97xgswcln
MD5: 9609200e202f371c2e981de8674c0374
SHA1: 7918b9b64dad3139f8b19658ab08407102c0ab38
SHA256: 149bc7bb666f2eabcf946822bd316709ddeeef787f059687415f98c71ad47783
SHA512: 1e3c7ef62291f7d5a067086d0308e9e9d85ab3904d7303b269d2b4b70998ca75795e7289277426da28af0bfef16b3fabe42175626e3123dd1d28e4256a6f9506
SSDEEP: 3072:4BkfJpRXATwMdFCcCbjmmLYLRX25u3foM5AQcbcKfC3icbsaLaLVMsObC6Rt:4qjI2JU6mAQ9RbjLeMsO5t
Static task: static1

Behavioral tasks
behavioral1: 9609200e202f371c2e981de8674c0374_JaffaCakes118.exe on win7-20240704-en
behavioral2: 9609200e202f371c2e981de8674c0374_JaffaCakes118.exe on win10v2004-20240802-en
behavioral3: $PLUGINSDIR/System.dll on win7-20240705-en
behavioral4: $PLUGINSDIR/System.dll on win10v2004-20240802-en
behavioral5: rva11.dll on win7-20240705-en
behavioral6: rva11.dll on win10v2004-20240802-en
Malware Config (extracted from the sample)

Family: xloader
Version: 2.3
Campaign ID: ivay
Domains (XLoader, like Formbook before it, hides its real C2 among decoy domains and contacts the decoys as well; treat every entry below as an indicator for blocking and hunting, and do not assume any single one is the live C2):
b4ukid.com
missioncontrol2030.com
chriswhitefoto.com
guepard-marine.com
getlauded.com
jingdonglm.com
clintlove.com
boldstrategicmedia.com
bluebay3dwdmall.com
aishag.com
forexexpoaward.com
basslakedisposal.com
bukannyaterbuai36.com
learntrhc.com
cancunpolo.com
case-cornershop.com
tahiticomplementos.com
dashanzhf.com
wholeholistichealth.com
inass-yassin.com
citestiprb151at29.com
kazancsere.net
ittakesavillagekitchen.info
jkmibszou.icu
lindamaearmstrong.com
chaithanyaonline.com
blowdryingcontest.com
nail-junkie.com
wokinbarbecue.com
thefreemusic.net
digitaldynasti.com
unclonedstream.com
utensilgranchi.com
meszur.com
stevebucci.com
acresvisionent.com
knit1eat1.com
highendsmokeshop.com
pearyazilim.com
andcarryon.com
nailzcrafted.com
homekitchenid.com
pingds.info
connectionsitsolutions.com
tradesfortomorrow.com
roadofcherrytrees.com
roeromeccanica.com
rzpte.com
royaibanks.com
freshwaterflower.com
livr.chat
findandnews.com
cpnpproductions.com
jacknow123.com
kaywoodward.com
houseofvortex.com
goodfood.directory
bosolia.com
caragross.com
racevx.xyz
americanshieldhome.com
drexelflux.com
gxwl1688.com
hurrytrip.com
digitalneeds.tech
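The extracted block above is only useful once it is turned into something a detection pipeline can consume. The following Python is an added example, not code from the sandbox or from any XLoader tooling: it parses the extractor's field order (family, version, campaign id, then the domain list), validates and matches the hash record of the main target, and emits one Suricata DNS-query rule per domain. The report excerpt embedded in it is a constructed copy of the config block with the domain list trimmed to five entries, the stand-in sample bytes are constructed, and the `sid_base` value is an assumed local rule range.

```python
"""Turn the flattened XLoader config and hash records from a Triage-style
report into checkable IOCs. Added example; not the sandbox's own code.
The report excerpt and the stand-in sample bytes are constructed."""
import hashlib
import re

# Constructed excerpt of the "Malware Config / Extracted" block above,
# with the domain list trimmed to five entries (the report carries 65).
REPORT_EXCERPT = """\
Malware Config
Extracted
xloader
2.3
ivay
b4ukid.com
missioncontrol2030.com
jkmibszou.icu
livr.chat
digitalneeds.tech
Targets
"""

# Hash record of the main target, copied from the report.
MAIN_SAMPLE = {
    "md5": "9609200e202f371c2e981de8674c0374",
    "sha1": "7918b9b64dad3139f8b19658ab08407102c0ab38",
    "sha256": "149bc7bb666f2eabcf946822bd316709ddeeef787f059687415f98c71ad47783",
    "sha512": "1e3c7ef62291f7d5a067086d0308e9e9d85ab3904d7303b269d2b4b70998ca75"
              "795e7289277426da28af0bfef16b3fabe42175626e3123dd1d28e4256a6f9506",
}

HASH_LENGTHS = {"md5": 32, "sha1": 40, "sha256": 64, "sha512": 128}
# Hostname syntax (RFC 1123 labels); the first line that is not one ends the list.
DOMAIN_RE = re.compile(
    r"^(?=.{1,253}$)(?:[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?\.)+[a-z]{2,}$", re.I)


def parse_xloader_config(text):
    """Parse the extractor's field order: family, version, campaign id,
    then the domain list (real C2 mixed with decoys; all are IOCs)."""
    lines = [ln.strip() for ln in text.splitlines() if ln.strip()]
    if "Extracted" not in lines:
        raise ValueError("no 'Extracted' block in report text")
    start = lines.index("Extracted") + 1
    if len(lines) < start + 3:
        raise ValueError("config block too short")
    family, version, campaign = lines[start:start + 3]
    domains, seen = [], set()
    for item in lines[start + 3:]:
        if not DOMAIN_RE.match(item):
            break                      # first non-hostname line closes the list
        item = item.lower()
        if item not in seen:           # dedupe, keep the extractor's order
            seen.add(item)
            domains.append(item)
    return {"family": family, "version": version,
            "campaign_id": campaign, "domains": domains}


def check_hash_record(record):
    """Return a list of problems: wrong length or non-hex digest values."""
    problems = []
    for algo, length in HASH_LENGTHS.items():
        value = record.get(algo)
        if value is None:
            continue
        if len(value) != length or not re.fullmatch(r"[0-9a-fA-F]+", value):
            problems.append(f"{algo}: malformed value")
    return problems


def hash_record_for(data):
    """Compute the same four digests for a byte string."""
    return {algo: hashlib.new(algo, data).hexdigest() for algo in HASH_LENGTHS}


def sample_matches(data, record):
    """True only if every digest present in the record matches the data."""
    actual = hash_record_for(data)
    return all(actual[a] == record[a].lower() for a in HASH_LENGTHS if a in record)


def suricata_dns_rules(cfg, sid_base=9000000):
    """One DNS-query alert per domain. sid_base is an assumed local SID range."""
    msg_prefix = f"{cfg['family']} {cfg['version']} campaign {cfg['campaign_id']}"
    return [
        f'alert dns $HOME_NET any -> any any (msg:"{msg_prefix} domain {d}"; '
        f'dns.query; content:"{d}"; nocase; sid:{sid_base + i}; rev:1;)'
        for i, d in enumerate(cfg["domains"])
    ]


if __name__ == "__main__":
    cfg = parse_xloader_config(REPORT_EXCERPT)
    print(f"{cfg['family']} {cfg['version']} campaign={cfg['campaign_id']} "
          f"domains={len(cfg['domains'])}")
    print("hash record problems:", check_hash_record(MAIN_SAMPLE) or "none")
    for rule in suricata_dns_rules(cfg):
        print(rule)
```

Feeding the full page text to `parse_xloader_config` yields all 65 domains, since the list ends at the first line that is not a hostname ("Targets"). The DNS rules match the query name case-insensitively; because decoys are contacted too, a hit on any of them is enough to flag the host, but it is not evidence of which domain was the real C2.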
Targets

Target: 9609200e202f371c2e981de8674c0374_JaffaCakes118
Size: 210KB
MD5: 9609200e202f371c2e981de8674c0374
SHA1: 7918b9b64dad3139f8b19658ab08407102c0ab38
SHA256: 149bc7bb666f2eabcf946822bd316709ddeeef787f059687415f98c71ad47783
SHA512: 1e3c7ef62291f7d5a067086d0308e9e9d85ab3904d7303b269d2b4b70998ca75795e7289277426da28af0bfef16b3fabe42175626e3123dd1d28e4256a6f9506
SSDEEP: 3072:4BkfJpRXATwMdFCcCbjmmLYLRX25u3foM5AQcbcKfC3icbsaLaLVMsObC6Rt:4qjI2JU6mAQ9RbjLeMsO5t
Signatures:
- Xloader payload
- Loads dropped DLL
- Suspicious use of SetThreadContext (rewriting another thread's context, the pattern used for process hollowing and thread-hijacking injection)
Target: $PLUGINSDIR/System.dll
Size: 11KB
MD5: fccff8cb7a1067e23fd2e2b63971a8e1
SHA1: 30e2a9e137c1223a78a0f7b0bf96a1c361976d91
SHA256: 6fcea34c8666b06368379c6c402b5321202c11b00889401c743fb96c516c679e
SHA512: f4335e84e6f8d70e462a22f1c93d2998673a7616c868177cac3e8784a3be1d7d0bb96f2583fa0ed82f4f2b6b8f5d9b33521c279a42e055d80a94b4f3f1791e0c
SSDEEP: 192:xPtkiQJr7V9r3HcU17S8g1w5xzWxy6j2V7i77blbTc4v:g7VpNo8gmOyRsVc4
Score: 3/10
Note: $PLUGINSDIR is the temporary plug-in directory an NSIS installer unpacks into, and System.dll is the standard NSIS System plug-in, so the parent sample is an NSIS-built dropper; the low score applies to this plug-in alone, not to the parent.
Target: rva11.dll
Size: 11KB
MD5: 188990101a629d59f5435a64c19b655e
SHA1: c8fc89b69858fceeeb4f78a3d20cee3f6a0beb42
SHA256: 755ea4c08bae90f85e93cea3865580400c5dd9fe238dde5c59dfd893dcecf4f4
SHA512: 1e0f096551159532ad4d773639792841710c48eacca02b46c05be2c90e1e6b3f87470a3a379461694ffdfbe76509f1f7876f5c045d4bcee250e5905632506597
SSDEEP: 192:LbJZqY7dW36qTJPHjd9kAlndYFzLVaAVNQdIHG2SRUt7:SRqYPHjjdndUzLVhcRY7
Score: 3/10