General
Target: adc061ae7d0c3e314551eb5d19102abc_JaffaCakes118
Size: 288KB
Sample: 240820-eam9cssbla
MD5: adc061ae7d0c3e314551eb5d19102abc
SHA1: 1b714f68260af3dc9d41d6b2341a1e9b5c711aad
SHA256: 011d8eb0651ac5abaf961f5ac9d820aaf6b097090d7aed4c23243bba22aab598
SHA512: cf7e2de87823c07fdeaec37d78fdcac595c65b3986492c129b7537221747bad90d76be2380fe90665362dbbe1acda16de37a8898e7f2f753b110f358279d347a
SSDEEP: 6144:tx/MDhXmawdvJQpBQ60U0BpYgbgO+Kl9GPl8:DDawdvRjuKOPi
Static task: static1
Behavioral task: behavioral1 (Sample: 2021FI30005.exe, Resource: win7-20240705-en)
Behavioral task: behavioral2 (Sample: 2021FI30005.exe, Resource: win10v2004-20240802-en)
Behavioral task: behavioral3 (Sample: $PLUGINSDIR/System.dll, Resource: win7-20240704-en)
Behavioral task: behavioral4 (Sample: $PLUGINSDIR/System.dll, Resource: win10v2004-20240802-en)
Behavioral task: behavioral5 (Sample: 3qk9.dll, Resource: win7-20240704-en)
Behavioral task: behavioral6 (Sample: 3qk9.dll, Resource: win10v2004-20240802-en)
Malware Config
Extracted
xloader
2.3
feaw
Targets

Target: 2021FI30005.exe
Size: 226KB
MD5: aaeb4ca48de2f02e82a7073f5b7845d3
SHA1: fe42b6a380d09d09ca116730b167bad2ab642d82
SHA256: 77353f06427f5e7d0e4c28e4d5690700a2cf6789edc0f9c51682dd20bb65bf78
SHA512: 5e703cb507a7436b404b212fd46ae7a2c9bc935aee5f993c04bd8bc594700350016801ca957015614769c80d3a2ab80a52b7e6a08e7f8c146a01696e55259b20
SSDEEP: 6144:yx/MDhXmawdvJQpBQ60U0BpYgbgO+Kl9GPl8f:2DawdvRjuKOPif
- Xloader payload
- Deletes itself
- Loads dropped DLL
- Suspicious use of SetThreadContext

Target: $PLUGINSDIR/System.dll
Size: 11KB
MD5: fccff8cb7a1067e23fd2e2b63971a8e1
SHA1: 30e2a9e137c1223a78a0f7b0bf96a1c361976d91
SHA256: 6fcea34c8666b06368379c6c402b5321202c11b00889401c743fb96c516c679e
SHA512: f4335e84e6f8d70e462a22f1c93d2998673a7616c868177cac3e8784a3be1d7d0bb96f2583fa0ed82f4f2b6b8f5d9b33521c279a42e055d80a94b4f3f1791e0c
SSDEEP: 192:xPtkiQJr7V9r3HcU17S8g1w5xzWxy6j2V7i77blbTc4v:g7VpNo8gmOyRsVc4
Score: 3/10

Target: 3qk9.dll
Size: 10KB
MD5: 8f9290de28c93e280c387b72adf45543
SHA1: 305b45d1ca5d6de308cdc76796548a04ec677a98
SHA256: 75597e1e381141f1606bf96c2b7a6c5b7eb1fa3ea65e37152bdb305155776192
SHA512: 7c4694b53e8ad79fc78d5044528026ca3d000434a8b0121b89bfc1335c97b0a242774ed4d96b7a777fd65f034ef1a18d656dbe27967d616157912afe372a49db
SSDEEP: 192:WlnU0vJoAyHzUrI95m2XaM4GGI2gcfo+wZjmqT/:WlFyTUQ5m2K1GPHcDvc
Score: 3/10