General
-
Target
a3471629786819e39c78c4219ae04771_JaffaCakes118
-
Size
723KB
-
Sample
240817-ty9jtsxhrl
-
MD5
a3471629786819e39c78c4219ae04771
-
SHA1
b94fa145d99416d7c2fed901e83108e257e417eb
-
SHA256
c0cf68515b3afd73306eaa9c2abdd73f06bfba2943f57fd081e7ae25cfbf7b76
-
SHA512
24731547612a0ffd8c18e5797a765612fcc9567aed74397a832e9721a14a0b885fd9388ec3724cea038f77c236a72ca7d73946149a1799c75956c7c41c0741ef
-
SSDEEP
12288:wxojH5jdL/KyCR7PqRo2YQLa3RFC7cvoLTK8bColQVpvlbKmQQUTvSq8MFNBUt:pljBKnRIIQOhKcCTKWlQVhFKmvxqnfBU
Static task
static1
Behavioral task
behavioral1
Sample
a3471629786819e39c78c4219ae04771_JaffaCakes118.exe
Resource
win7-20240729-en
Malware Config
Extracted
xloader
2.1
0tog
Targets
-
-
Target
a3471629786819e39c78c4219ae04771_JaffaCakes118
-
Xloader payload
-
Suspicious use of SetThreadContext
-