General
-
Target
c1a77dddf52f12af022d82471e6bdf19_JaffaCakes118
-
Size
864KB
-
Sample
240825-1mp5dawhke
-
MD5
c1a77dddf52f12af022d82471e6bdf19
-
SHA1
c39c5f47d73dd8a0b7fd2ebaad7a7b57a92d0ea0
-
SHA256
5528ee96b8cefda8ec99999701a1673fb0dff17a8e603f2c8ccd3abac08f7489
-
SHA512
b0825bccffaa39791d19919f0ae3f95f384c9da6aad24f50d3623267da266ddde95eb7f0d3777e33cc013a0fe770230a8e03501b7b32d1834528b61af14b60cb
-
SSDEEP
24576:BM94rYW6Z7iYtU+wkx8JwKD84r9kMXW+mj:mnZ7iYtCwi8SHvmj
Static task
static1
Behavioral task
behavioral1
Sample
c1a77dddf52f12af022d82471e6bdf19_JaffaCakes118.exe
Resource
win7-20240705-en
Malware Config
Extracted
xloader
2.3
uidr
dulichsongcham.com
cash-royal.com
geneseewildlifetrapping.com
9cc9x79m3y2.com
ntjjzx.com
joinglooko.com
upmchealhtrak.com
hookandcask.com
orca-web.com
ag3holdings.com
empoweredinvestmentstx.com
lustywall.com
rcpelaurentides.com
goyalcoorchidnirvanatwo.homes
iotajinn.com
littlemlive.com
hippocratesbio.com
ashleysema.design
175a45.xyz
bpocompaniesphilippines.com
leadmorecommunity.com
mrbobscleaning.com
newdistributorbbc.com
lxhfzy.com
physicianrepresentative.com
integrative-teletherapy.com
selllasheswithla.com
dbxff.com
pinewayorganics.com
bepongbeo.com
dbrulhart.com
thereallynicepeople.com
kakilangit.net
mndesignw.com
send86cells.com
gakkard.com
blacktiers.com
2603083932.xyz
tailoredlacedwigs.com
gaypridebusinessdirectory.com
cowbex.info
lakecharlestreeservices.com
4tza1.com
rimlyane.com
babadoes.com
missteenagerworld.com
womenreadytomove.com
connectingdaybyday.com
paygss.net
cachavachaayd.com
xn--80aaatqunmdeu5n.xn--p1acf
zxr.xyz
baignoire.sucks
analystsguild.com
60ro9e.com
goplaytolearn.com
virtualcarerehab.wiki
fschaogang.com
181215.com
theinlandempirelifestyle.com
laluccasa.com
bflat-store.com
frontrangespiceco.com
carrierocommerical.com
ios.run
Targets
-
-
Target
c1a77dddf52f12af022d82471e6bdf19_JaffaCakes118
-
Size
864KB
-
MD5
c1a77dddf52f12af022d82471e6bdf19
-
SHA1
c39c5f47d73dd8a0b7fd2ebaad7a7b57a92d0ea0
-
SHA256
5528ee96b8cefda8ec99999701a1673fb0dff17a8e603f2c8ccd3abac08f7489
-
SHA512
b0825bccffaa39791d19919f0ae3f95f384c9da6aad24f50d3623267da266ddde95eb7f0d3777e33cc013a0fe770230a8e03501b7b32d1834528b61af14b60cb
-
SSDEEP
24576:BM94rYW6Z7iYtU+wkx8JwKD84r9kMXW+mj:mnZ7iYtCwi8SHvmj
-
Xloader payload
-
Suspicious use of SetThreadContext
-