General
-
Target
1d01c7f1db5381fa6ba01370f6a5d4f4_JaffaCakes118
-
Size
620KB
-
Sample
240701-3yaj6sxgpd
-
MD5
1d01c7f1db5381fa6ba01370f6a5d4f4
-
SHA1
5e643a32c4fd9c4b0d0c5296aa233ed9a57fc551
-
SHA256
30577a08cb62130bff90f1739456d47ebdb47e67bf35903cc09c3cce8eeed595
-
SHA512
10beed2a774eb091c74505cd75bcee1fc0bbb8f6b5ed4ab01f681fb28cc06bcf3834970e44be24ee8af43d57d5104e5a6b37b9ab1331d7d985030469e89ea7bc
-
SSDEEP
12288:jd0eD4rYgrF9agiCkMKK4ZuKDWNZkpGO0TJUJar:jdxD4t59fDKsb60TJ/
Behavioral task
behavioral1
Sample
1d01c7f1db5381fa6ba01370f6a5d4f4_JaffaCakes118.exe
Resource
win7-20240508-en
Malware Config
Targets
-
-
Target
1d01c7f1db5381fa6ba01370f6a5d4f4_JaffaCakes118
-
Size
620KB
-
MD5
1d01c7f1db5381fa6ba01370f6a5d4f4
-
SHA1
5e643a32c4fd9c4b0d0c5296aa233ed9a57fc551
-
SHA256
30577a08cb62130bff90f1739456d47ebdb47e67bf35903cc09c3cce8eeed595
-
SHA512
10beed2a774eb091c74505cd75bcee1fc0bbb8f6b5ed4ab01f681fb28cc06bcf3834970e44be24ee8af43d57d5104e5a6b37b9ab1331d7d985030469e89ea7bc
-
SSDEEP
12288:jd0eD4rYgrF9agiCkMKK4ZuKDWNZkpGO0TJUJar:jdxD4t59fDKsb60TJ/
Score10/10-
ModiLoader, DBatLoader
ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
-
ModiLoader Second Stage
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
Suspicious use of SetThreadContext
-