General
-
Target
1ae1e9c3a2ec5820e2d96a278eac562e_JaffaCakes118
-
Size
342KB
-
Sample
240701-l5wybayejq
-
MD5
1ae1e9c3a2ec5820e2d96a278eac562e
-
SHA1
4b922229ca4b5a6743510965ddb652f9b3a26567
-
SHA256
e50552f530a6be498748859e8e65a5baaf2dc7f5287c2004b4fc076264469837
-
SHA512
5ed5d4ebcee83dcb203da62b1f9b24bcd11af179dd41edc32d24113c846e0782e7f45f2579fb7c1cfaf5273189e3f720d92c958d1a62dc3a94fcd3087210d89e
-
SSDEEP
6144:C4XQxS2b4Y7C1vtx/9xCVLGKwd63tPlQuk0+4ko2pftDv8wt3FeVBjxWOj:C4sVbj7CRP/9xsLtDtU0J2TkyFeVBlWA
Static task
static1
Behavioral task
behavioral1
Sample
1ae1e9c3a2ec5820e2d96a278eac562e_JaffaCakes118.exe
Resource
win7-20240611-en
Behavioral task
behavioral2
Sample
1ae1e9c3a2ec5820e2d96a278eac562e_JaffaCakes118.exe
Resource
win10v2004-20240611-en
Malware Config
Targets
-
-
Target
1ae1e9c3a2ec5820e2d96a278eac562e_JaffaCakes118
-
Size
342KB
-
MD5
1ae1e9c3a2ec5820e2d96a278eac562e
-
SHA1
4b922229ca4b5a6743510965ddb652f9b3a26567
-
SHA256
e50552f530a6be498748859e8e65a5baaf2dc7f5287c2004b4fc076264469837
-
SHA512
5ed5d4ebcee83dcb203da62b1f9b24bcd11af179dd41edc32d24113c846e0782e7f45f2579fb7c1cfaf5273189e3f720d92c958d1a62dc3a94fcd3087210d89e
-
SSDEEP
6144:C4XQxS2b4Y7C1vtx/9xCVLGKwd63tPlQuk0+4ko2pftDv8wt3FeVBjxWOj:C4sVbj7CRP/9xsLtDtU0J2TkyFeVBlWA
Score10/10-
ModiLoader, DBatLoader
ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
-
ModiLoader Second Stage
-
Executes dropped EXE
-
Drops file in System32 directory
-
Suspicious use of SetThreadContext
-