General
Target: 1ab5b3684755f46459f79f014f3dca5e_JaffaCakes118
Size: 1.7MB
Sample: 240701-k3hggasgqb
MD5: 1ab5b3684755f46459f79f014f3dca5e
SHA1: 0ac2a51d3f45637a335f4604202764d63e493568
SHA256: 93782200f0a943f6449c7ae49aa90536d18e76ecaa270ff550eac6ce348d170d
SHA512: 25861a57302c8ca6806d58d52ca5deaa991b18763dd735291300675bc3d890d7176c85116b19c276e1f220c0d3f130e56a42b1b1fb11f0b5d09b4a12c4916912
SSDEEP: 24576:dMJzMCzS5w4bVPHgU7xUuAWRWnDH0jXkx5M524CneX8Q3SJkt7kgBRchqBjHx:dKz8p2yuuAWRWj0jQ5MlCqAgBREEjR
Static task: static1
Behavioral task: behavioral1
Sample: 1ab5b3684755f46459f79f014f3dca5e_JaffaCakes118.exe
Resource: win7-20240508-en
Behavioral task: behavioral2
Sample: 1ab5b3684755f46459f79f014f3dca5e_JaffaCakes118.exe
Resource: win10v2004-20240508-en
Malware Config
Targets
Target: 1ab5b3684755f46459f79f014f3dca5e_JaffaCakes118
Score: 10/10
ModiLoader, DBatLoader
ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
ModiLoader Second Stage
Executes dropped EXE
Loads dropped DLL
Suspicious use of NtSetInformationThreadHideFromDebugger
Suspicious use of SetThreadContext