General
-
Target
167fc78e77488b679b7f5a44a0df3007_JaffaCakes118
-
Size
652KB
-
Sample
240627-srfgqszcpm
-
MD5
167fc78e77488b679b7f5a44a0df3007
-
SHA1
d12cc367b0b165a6cd9ebfc743be70db6cd81f28
-
SHA256
cb772d93c42b3a9d904f72de12da263925b8b320fbfb4ddbbe1eb61dae0e76ff
-
SHA512
82a8aa7d6c7132a7e618f683e892075f96626977467bc4596004809fb13b44f72492dab76e5ac9aef8a79926d316f55da8145427f8b463e17439fbed533da0e3
-
SSDEEP
12288:Xpl9RHMmYmr48Z0emaM5DE6InIN1g56owEcSNLSi+rD+KQuF:XrImrHGDaaEbnIN1g56NyNLS7Dj9
Static task
static1
Behavioral task
behavioral1
Sample
167fc78e77488b679b7f5a44a0df3007_JaffaCakes118.exe
Resource
win7-20240611-en
Behavioral task
behavioral2
Sample
167fc78e77488b679b7f5a44a0df3007_JaffaCakes118.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
-
-
Target
167fc78e77488b679b7f5a44a0df3007_JaffaCakes118
-
Size
652KB
-
MD5
167fc78e77488b679b7f5a44a0df3007
-
SHA1
d12cc367b0b165a6cd9ebfc743be70db6cd81f28
-
SHA256
cb772d93c42b3a9d904f72de12da263925b8b320fbfb4ddbbe1eb61dae0e76ff
-
SHA512
82a8aa7d6c7132a7e618f683e892075f96626977467bc4596004809fb13b44f72492dab76e5ac9aef8a79926d316f55da8145427f8b463e17439fbed533da0e3
-
SSDEEP
12288:Xpl9RHMmYmr48Z0emaM5DE6InIN1g56owEcSNLSi+rD+KQuF:XrImrHGDaaEbnIN1g56NyNLS7Dj9
Score10/10-
ModiLoader, DBatLoader
ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
-
ModiLoader Second Stage
-
Drops file in System32 directory
-
Suspicious use of SetThreadContext
-