General
-
Target
01edae7572bd3dcad70155d3b988f63b_JaffaCakes118
-
Size
258KB
-
Sample
240930-sa3kya1drp
-
MD5
01edae7572bd3dcad70155d3b988f63b
-
SHA1
54535c80179fad6b92ee7d1378a5865c4c3b3999
-
SHA256
3cf9356a4b252073db553cfc05544213078ba8ede54eaa45ab83637d86fdd948
-
SHA512
f7cb116243da0563f7e4e3cfa73cf6106738bf5e1d9b6a15af615ad284dc8963061889c1ae99a2b4a382e0179b88e32b435683db40559e2f490ec96cd035e0d3
-
SSDEEP
6144:d1ZIA0NUuoAzOgv19kwnG+XnRabukHQWpHpshHwipISW:d1+RNUE9kwnGqR/kwsJ5SW
Static task
static1
Behavioral task
behavioral1
Sample
01edae7572bd3dcad70155d3b988f63b_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
01edae7572bd3dcad70155d3b988f63b_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Extracted
xloader
2.3
enmm
Targets
-
Xloader payload
-
Suspicious use of SetThreadContext
-