General
Target: 1a07df94b15350a6f819781c0a8ea4ad_JaffaCakes118
Size: 682KB
Sample: 240628-n5qgmsybkb
MD5: 1a07df94b15350a6f819781c0a8ea4ad
SHA1: 66a5a27c556c4fc96abbb6875e26803a2ac19941
SHA256: 5b7ec1fb9370aa03341d9038a277b91f59397d82653c6a86196ef0bb8f27385c
SHA512: d6096c051c0cb66f31761a5294bee47356bc6e0b629edf4aeef952e898861ba24322d9eb1f34935ca8b74496910fd180d082516e38d5c7cfaabb000f8cc4e6f1
SSDEEP: 12288:givphvb0GylW733zig49ICSoQqMe82FANisxF3Z4mxxxDqVTVOC+:giHAGUyPaIrWMe82WdQmX4VTz+
Static task: static1
Behavioral task: behavioral1
  Sample: 1a07df94b15350a6f819781c0a8ea4ad_JaffaCakes118.exe
  Resource: win7-20240508-en
Behavioral task: behavioral2
  Sample: 1a07df94b15350a6f819781c0a8ea4ad_JaffaCakes118.exe
  Resource: win10v2004-20240508-en
Malware Config
Targets
Score: 10/10
ModiLoader, DBatLoader
ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
- ModiLoader Second Stage
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
- Suspicious use of SetThreadContext