General
-
Target
1e261f8eb8adfcc98a2e932200bbb267_JaffaCakes118
-
Size
136KB
-
Sample
240702-f6vtraxhrb
-
MD5
1e261f8eb8adfcc98a2e932200bbb267
-
SHA1
cb4a8db355c8d337d12cfdc59104d0a27a986537
-
SHA256
714197487ba558ade3afd4d25cf4db3c4aee69debe45c181fbbfc5b46aa3b934
-
SHA512
586d0b6c5f164acf38b86450839306f3ff698781eda1791d7ccaba9c6b35ae347d4f873d637a8239452e30ba59e6718fb18487d356ca9689a86eac993eb333ed
-
SSDEEP
3072:M3JlTHTTmObj0TrnFt9c4wsdMhuEkGZN0Gk5ADDI7eG+:OJ1Tmk011wsqkGZN0XADD2+
Static task
static1
Behavioral task
behavioral1
Sample
1e261f8eb8adfcc98a2e932200bbb267_JaffaCakes118.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
1e261f8eb8adfcc98a2e932200bbb267_JaffaCakes118.exe
Resource
win10v2004-20240611-en
Malware Config
Targets
-
-
Target
1e261f8eb8adfcc98a2e932200bbb267_JaffaCakes118
-
Score
10/10
-
ModiLoader, DBatLoader
ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
-
ModiLoader Second Stage
-
Loads dropped DLL
-
Suspicious use of SetThreadContext
-