General

Target: 0c377447f098f43601e8c21609c41e1c_JaffaCakes118
Size: 228KB
Sample: 241002-yf49lsxbka
MD5: 0c377447f098f43601e8c21609c41e1c
SHA1: 8da17dacc87338c630430071efe7850ef34c0184
SHA256: 3adaa1111196714a172b66f0deb9013f5b86c1671a7d126b69703d64e358f624
SHA512: b8746e95f87b7e948db46d4270ee10dc9a6fa1ef9e97defeda2a27053523928c9e8c79371799c2eb48569ca4f983801e15fd476de1a15f2b5c7e65703d32fdb0
SSDEEP: 3072:/6HGteVUP/qOu43gC4S9HbJhElye1x8JtVTrrTlznlAPOwJFnS1mekUZPPRkTRKF:/dQOJu4wC3tfVSQnl6JFnom3UtPSTRSL

Static task: static1

Behavioral task: behavioral1
Sample: 0c377447f098f43601e8c21609c41e1c_JaffaCakes118.exe
Resource: win7-20240903-en

Behavioral task: behavioral2
Sample: 0c377447f098f43601e8c21609c41e1c_JaffaCakes118.exe
Resource: win10v2004-20240802-en
Malware Config

Extracted
Family: xloader
Version: 2.3
Campaign: ieqo
C2 domains:
new-post-25782.xyz
podcastrrr.com
babyspageelong.com
boaddeo.club
distribuzionemedica.com
peaceofminderbinder.com
abbyrosemusic.com
odessawildliferemoval.com
prosperasight.com
liibbyapp.com
shandaferguson.com
kirsehiryenihaber.com
secured07b-chase.com
leanonmelifeadvice.com
securemtgs.com
temgk255.space
lunasparallevar.com
transportesdario.com
redwork.club
directopolis.com
sorevcbns.com
bibliothecadigital.com
theagileconfessional.com
lebottindesentreprises.com
dvd-org.com
1ajycapital.com
nailquan2.com
javacoffeebeans.com
sizish.com
susannhaehnel.net
gouaya.com
marvelstrikeclub.com
catwalkangels.com
runlywood-nambda.icu
hongfengjmzz.com
reviveyourride-detailing.com
x93snefkb9.com
irsettlement.com
injurylawyersnm.com
zhcc.ltd
homerivercommercial.com
drkitange.com
atauysal.com
sleekedup.net
ez-insurance-quotes.com
lumber-pt.com
citi-star.taxi
chimaratransport.com
absbropaul.com
jewelsbybri.com
racevc.com
buyer-centric.com
viableprocedure.com
paarlstudio.com
thinbluelinepatriots.com
crowtzequipped.com
missioncareasia.com
tesrvstorage.com
xn--zfrz5x6lhwxt66f.tech
mansmoon.com
werkstrand.cloud
amoscontent.com
exainc.net
cigartent.com
rukreditpay.com
Targets

Target: 0c377447f098f43601e8c21609c41e1c_JaffaCakes118
Size: 228KB
MD5: 0c377447f098f43601e8c21609c41e1c
SHA1: 8da17dacc87338c630430071efe7850ef34c0184
SHA256: 3adaa1111196714a172b66f0deb9013f5b86c1671a7d126b69703d64e358f624
SHA512: b8746e95f87b7e948db46d4270ee10dc9a6fa1ef9e97defeda2a27053523928c9e8c79371799c2eb48569ca4f983801e15fd476de1a15f2b5c7e65703d32fdb0
SSDEEP: 3072:/6HGteVUP/qOu43gC4S9HbJhElye1x8JtVTrrTlznlAPOwJFnS1mekUZPPRkTRKF:/dQOJu4wC3tfVSQnl6JFnom3UtPSTRSL

Signatures:
- Xloader payload
- Suspicious use of SetThreadContext