General
-
Target
1b451ba997fefd59151dcc93eae4d847_JaffaCakes118
-
Size
287KB
-
Sample
240701-pf1fzsvarr
-
MD5
1b451ba997fefd59151dcc93eae4d847
-
SHA1
9c0e8da1a4209c8f11240374fd9071332c9930d1
-
SHA256
0516959d4fff534c129567fe04d9f937d211df181c9c239fc2951dc272a7a909
-
SHA512
6f2f6ee2c7a45e2cac20e29d19d2773fcc1301c9ad67af7cac9114861a77bd423d52dd7b65f6ea99cae0defbbfcb338425e8e8252b9e4ad1fda54059d973637f
-
SSDEEP
6144:9CvDPOOgaeAtWsBqk7SQrn62ril9+j9bLfUt0DB3o6RH19Igk:9SPfgtAtNUQDhrO9+Vgt0Zok9s
Static task
static1
Behavioral task
behavioral1
Sample
1b451ba997fefd59151dcc93eae4d847_JaffaCakes118.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
1b451ba997fefd59151dcc93eae4d847_JaffaCakes118.exe
Resource
win10v2004-20240611-en
Malware Config
Targets
Target
1b451ba997fefd59151dcc93eae4d847_JaffaCakes118
Score
10/10
-
ModiLoader, DBatLoader
ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
-
ModiLoader Second Stage
-
Deletes itself
-
Executes dropped EXE
-
Suspicious use of SetThreadContext
-