General
-
Target
17ead8e9d6b2ac70a963a2bfe55b3eb3_JaffaCakes118
-
Size
512KB
-
Sample
240627-3clejsxglc
-
MD5
17ead8e9d6b2ac70a963a2bfe55b3eb3
-
SHA1
8d262a304a46c2a90f00ca2fe6b94c93d43efb70
-
SHA256
1648c32d086f9b4af712a6c8b3ab4c0eec2071d538e6002c403f99e4e26b4635
-
SHA512
aeb6bb0c4a4dfc9feed23a60c16cd9c182db6eb610d740813a3eed5c421167470caf98da933faffbae91a070d2c9492a50790fa9bc2b931da13726532bdb368f
-
SSDEEP
12288:Re96JkRrBzE4LZA3mGwUOOgRBWc3c/m3mGAL7OARBWLDa:Re9syzLaWMSn1zWDlnb
Static task
static1
Behavioral task
behavioral1
Sample
17ead8e9d6b2ac70a963a2bfe55b3eb3_JaffaCakes118.exe
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
17ead8e9d6b2ac70a963a2bfe55b3eb3_JaffaCakes118.exe
Resource
win10v2004-20240611-en
Malware Config
Targets
-
-
Target
17ead8e9d6b2ac70a963a2bfe55b3eb3_JaffaCakes118
-
Size
512KB
-
MD5
17ead8e9d6b2ac70a963a2bfe55b3eb3
-
SHA1
8d262a304a46c2a90f00ca2fe6b94c93d43efb70
-
SHA256
1648c32d086f9b4af712a6c8b3ab4c0eec2071d538e6002c403f99e4e26b4635
-
SHA512
aeb6bb0c4a4dfc9feed23a60c16cd9c182db6eb610d740813a3eed5c421167470caf98da933faffbae91a070d2c9492a50790fa9bc2b931da13726532bdb368f
-
SSDEEP
12288:Re96JkRrBzE4LZA3mGwUOOgRBWc3c/m3mGAL7OARBWLDa:Re9syzLaWMSn1zWDlnb
Score10/10-
ModiLoader, DBatLoader
ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
-
ModiLoader Second Stage
-
Suspicious use of SetThreadContext
-