General
-
Target
158b4c2bbb3efe4ce9e816c21ade145a_JaffaCakes118
-
Size
321KB
-
Sample
240627-lrvhbsvdkg
-
MD5
158b4c2bbb3efe4ce9e816c21ade145a
-
SHA1
44d06a029a9ff82e7e4aa8bef27700bd9e312f48
-
SHA256
228155c92c5d7d4209858bdb7ea1955633a12c59bd6dbb19a51e50e80760b1d3
-
SHA512
123fcf4b10d5929d6f56029f5867519cae28d91361a3d6507f3be0c3b5678c73e515aa4d028515d717a4fcef537b74cdf6179a2030277d4d630c9cfd6fbdefda
-
SSDEEP
6144:q10BVLRwvVHb9gkQQvkRuLhHc4fo9wMFPY8drs2FfqPpQTv8oKsRXPljJ24Cwx:HytHZ1LsYDgVrrxEQD8oK+/kwx
Static task
static1
Behavioral task
behavioral1
Sample
158b4c2bbb3efe4ce9e816c21ade145a_JaffaCakes118.exe
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
158b4c2bbb3efe4ce9e816c21ade145a_JaffaCakes118.exe
Resource
win10v2004-20240611-en
Malware Config
Targets
Target
158b4c2bbb3efe4ce9e816c21ade145a_JaffaCakes118
-
Score
10/10
-
ModiLoader, DBatLoader
ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
-
ModiLoader Second Stage
-
Deletes itself
-
Executes dropped EXE
-
Suspicious use of SetThreadContext
-