General
Target: 196f5f630f1f9fb8ed04227e53fe583a_JaffaCakes118
Size: 578KB
Sample: 240628-j828dszbrb
MD5: 196f5f630f1f9fb8ed04227e53fe583a
SHA1: 41dd640c6cde35d955b03c1d53814e7d2713640b
SHA256: 57e3956317cbe4bdfda14e3a7df0e05d5ceb0a7735c923eb590e15be1f2aa645
SHA512: c3c3ba34ff8ac6c569a1eb7b94d2ecb4bab7e22eb1377fc955d4d3c74386ea1987223d22c706a2b4c4f8bcdc40dd74610a3cf2da4d81964df619c5afb3ba76ef
SSDEEP: 12288:mO7Ks6/h4a5tJqU7yYqfPHX4j7GLBF3Z4mxx4DqVTVOC8:Es6/fHkU7yfom1QmXfVTz8
Behavioral task: behavioral1
Sample: 196f5f630f1f9fb8ed04227e53fe583a_JaffaCakes118.exe
Resource: win7-20240221-en

Behavioral task: behavioral2
Sample: 196f5f630f1f9fb8ed04227e53fe583a_JaffaCakes118.exe
Resource: win10v2004-20240508-en
Malware Config
Targets
Target: 196f5f630f1f9fb8ed04227e53fe583a_JaffaCakes118
Score: 10/10

ModiLoader, DBatLoader
ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.

ModiLoader Second Stage
Drops file in System32 directory
Suspicious use of SetThreadContext