General
-
Target
b04b0416c7a562416e58c07fb38699a7_JaffaCakes118
-
Size
699KB
-
Sample
240820-wstbrswejd
-
MD5
b04b0416c7a562416e58c07fb38699a7
-
SHA1
e0737cd598cd24a694632f81bb274d1e8792840a
-
SHA256
19492b5df68b96dd4dd552f1a4735f795fa8bedef47ac95f1336d9731ec5edd2
-
SHA512
ab541f799016fcf96e89d5e64232cbc94544e777875b8d8c33a68dc058467dfd53da09b11e911a0d654e0109d4e5e353dfaaaec1753b35f6dad8a8d8be22fd02
-
SSDEEP
6144:0leWOQ+3HwOExxWFVBHtfsrIL7po8wutYF7Ke2ubf3XJvf9NGJUa/tnhn4122Irm:moXz68Le8wuOF7KeL3XJv10U4l4l
Static task
static1
Behavioral task
behavioral1
Sample
b04b0416c7a562416e58c07fb38699a7_JaffaCakes118.exe
Resource
win7-20240704-en
Malware Config
Extracted
xloader
2.5
scb0
introlly.com
slowtravelco.com
sasanos.com
3424soldbastrophwy.com
isabelaefernando.net
0754fm.com
meta-bot.xyz
778tt8.com
krallechols.quest
lipagent.com
dermaqueeniran.com
psychoterapeuta-wroclaw.com
marmorariapiramide.online
luxonealbery.com
floridawp.com
nebobuild.com
facillitiespro-sweep.com
wwgzj.com
puffsmoke.online
cryptofuelcars.com
mcintoshsonoystercompany.com
viscoent.online
daveparkernotary.com
publicschools.fail
traexcel.com
lovelypersonals.com
emptycc.net
omniriot.com
etsawi9.com
rangerbuddys.com
medchemic.com
paparazziprom.com
atelifer.com
imlgw.com
vaguva.com
theportlandhandyman.com
oggu2.com
fuchs-consolidated.net
onluo.com
flirtylocals.xyz
foxyladynails.com
dgyej.com
cloudmaigc.com
lafabriqueabeille.com
vivagru.com
fuckingmom88.xyz
caesarscssino.com
jyh8882.com
diyiyc.com
lanceseuexpert.digital
omshivematka.com
agrigain-soil.com
burgettflorist.com
goddarddrillingllc.com
nchh07.xyz
tabulose-paare.com
notlficationintuit.com
killercross.com
storybylightstudio.com
flex-ecommerce.com
fearlessthread.com
skateboardlovers.com
mgav34.xyz
lucanos.info
vetpipes.com
Targets
-
-
Target
b04b0416c7a562416e58c07fb38699a7_JaffaCakes118
-
Size
699KB
-
MD5
b04b0416c7a562416e58c07fb38699a7
-
SHA1
e0737cd598cd24a694632f81bb274d1e8792840a
-
SHA256
19492b5df68b96dd4dd552f1a4735f795fa8bedef47ac95f1336d9731ec5edd2
-
SHA512
ab541f799016fcf96e89d5e64232cbc94544e777875b8d8c33a68dc058467dfd53da09b11e911a0d654e0109d4e5e353dfaaaec1753b35f6dad8a8d8be22fd02
-
SSDEEP
6144:0leWOQ+3HwOExxWFVBHtfsrIL7po8wutYF7Ke2ubf3XJvf9NGJUa/tnhn4122Irm:moXz68Le8wuOF7KeL3XJv10U4l4l
-
Xloader payload
-
Suspicious use of SetThreadContext
-