General

Target: 1e9abc0298b48f0bce6fd1eda952bcc6_JaffaCakes118
Size: 730KB
Sample: 240702-j6edjsteqd
MD5: 1e9abc0298b48f0bce6fd1eda952bcc6
SHA1: c7562319b82e229695cf1c6b28809e085d5e3333
SHA256: bf238343edf3e0c4c9c211a8c55e57879282518af26820215b5a7b4c257970d2
SHA512: 3b05f806b972347d437888dbbeb4d50ad3b0c33b346021b44b920de846d453a1a8963b93beebb58641c06684211ed66ef7abcb4e04ce15dce48ad195670fe5bc
SSDEEP: 12288:P/HaRhu7vbyn275Ds+BPT6SwRrzr5C/CD2SyatxamcsjykdSNsEFg4gax9aCSpV:P/Zeu6GPTcR9CaiaqmcsjFS1FgtSCn

Static task: static1

Behavioral task: behavioral1
Sample: 1e9abc0298b48f0bce6fd1eda952bcc6_JaffaCakes118.exe
Resource: win7-20240419-en

Behavioral task: behavioral2
Sample: 1e9abc0298b48f0bce6fd1eda952bcc6_JaffaCakes118.exe
Resource: win10v2004-20240508-en
Malware Config

Targets

Target: 1e9abc0298b48f0bce6fd1eda952bcc6_JaffaCakes118
Score: 10/10

Family: ModiLoader, DBatLoader
ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.

Signatures:
- ModiLoader Second Stage
- Executes dropped EXE
- Loads dropped DLL
- Suspicious use of SetThreadContext