General
-
Target
4077e3d5f9c40a972fbcc013991f324a_JaffaCakes118
-
Size
1.5MB
-
Sample
241013-r7ve6asbld
-
MD5
4077e3d5f9c40a972fbcc013991f324a
-
SHA1
6cc2be0cf870a3ab5fc92e73a66d48c12352a753
-
SHA256
dba4d76fb1d049ea4f4a3c447d9141489305594eef26f2e175b696ac620c59bf
-
SHA512
afd1431ebd8b93d9a4f29a95bdaa0c50a9a6e8daaf9961aa02ca7fce143a0fcead3c66c73575088f7501f430f07c6cbb3362f8b317996c313c0c68559d8897b9
-
SSDEEP
12288:v+q3bFCO9bHBa3AWZavABd0YItKOxZsSbWQdOm//8xLrQ6H+yy1Susr8MmH3j5Q:R19bHBiHj6cOxvbWQd9/EFMZLS5R0
Static task
static1
Behavioral task
behavioral1
Sample
4077e3d5f9c40a972fbcc013991f324a_JaffaCakes118.exe
Resource
win7-20240903-en
Malware Config
Extracted
xloader
2.3
m7gs
goodxxxhigh.com
blun33.com
mcbt328.com
sxtdba.com
sagalocal.icu
spentonindustries.com
greatexpectationssouthshore.com
herzenco.com
duoxizhe.com
h-mawari.net
jeevicain.com
sculpted-vegan.net
vipchainwallet.com
smartanalytics.info
jiujirat.com
canhoquan8-centralpremium.com
pasarandir.com
mario17331.com
dillonsavage.com
ladiesboxx.com
theskinnytype.com
nucanmaple.com
studiotaimdesign.com
slideclubpolo.com
letsmovevietnam.com
nguoivosu.com
jesus-couture.com
xawtjd.com
admin-pethnampong.com
gcpwi.com
t-storms1.com
unesalleobscure.com
laura-claim.com
epc-scot.com
aqhuayuan.com
incredihomes.com
grptradinggold.com
kalotemo.com
sieuphamnaga.club
alabaj.info
butwhatdidyoulearn.com
madhurbazar.website
mrgreenwayhome.com
nowprepared.net
stealthshop.net
pinktoiletpaper.com
campershop-ec.com
greatnwrates.info
816savillerowterrace.com
bebonzer.com
centrdina.com
surveyfind4.club
doicard365.com
fitfromhomestore.com
festivalsofkerala.com
businessbison.com
ismailonline.com
coastebikes.com
jacobhirata.com
mordernhealth.com
xn--80ailshehb3a.xn--p1acf
homcraftz.com
votegoat.vote
radiobenditaesperanza.net
irelandmotorsports.co.uk
Targets
-
-
Target
4077e3d5f9c40a972fbcc013991f324a_JaffaCakes118
-
Size
1.5MB
-
MD5
4077e3d5f9c40a972fbcc013991f324a
-
SHA1
6cc2be0cf870a3ab5fc92e73a66d48c12352a753
-
SHA256
dba4d76fb1d049ea4f4a3c447d9141489305594eef26f2e175b696ac620c59bf
-
SHA512
afd1431ebd8b93d9a4f29a95bdaa0c50a9a6e8daaf9961aa02ca7fce143a0fcead3c66c73575088f7501f430f07c6cbb3362f8b317996c313c0c68559d8897b9
-
SSDEEP
12288:v+q3bFCO9bHBa3AWZavABd0YItKOxZsSbWQdOm//8xLrQ6H+yy1Susr8MmH3j5Q:R19bHBiHj6cOxvbWQd9/EFMZLS5R0
-
Xloader payload
-
Suspicious use of SetThreadContext
-