General
Target: e4e54b18b86e81b2310c4bbe71cd545e_JaffaCakes118
Size: 708KB
Sample: 240407-pb7dqscg66
MD5: e4e54b18b86e81b2310c4bbe71cd545e
SHA1: 52aedcd203c2bca84cf27343c5cf60a066b4246f
SHA256: 73de6fd8f784b8833c0cad0b8051cb2272b13db552d3eefd5124c911b121e6fd
SHA512: 8d8446399f1b7c9858b1fa0b1f1b9480a5b887ebf1d2a75001baff2b3ae111c08dc26ce96f42eb89c5eaa86cf56136f87ea25b725862a61bad4ac0e46881e819
SSDEEP: 12288:ampHss/3uwhZmIafnWGokCiKPBoPz8n8qpq0+CyRTzIzQ4S7YUv97rrlMHKdt:ampH7/3pZWnWfM+Bczm5pX+CyizQ4S7J
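Before relying on this report for a file you hold, confirm that the file is the same artifact by recomputing the listed digests. The block below is an added example, not code from the report or from any sandbox; it uses only Python's standard hashlib, and REPORTED_HASHES simply carries the values from the General section above. SSDEEP is left out because it needs the third-party ssdeep module rather than the standard library.

```python
import hashlib
from typing import Dict, Optional, Tuple

# Digests reported for the sample on this page (copied from the General section).
REPORTED_HASHES: Dict[str, str] = {
    "md5": "e4e54b18b86e81b2310c4bbe71cd545e",
    "sha1": "52aedcd203c2bca84cf27343c5cf60a066b4246f",
    "sha256": "73de6fd8f784b8833c0cad0b8051cb2272b13db552d3eefd5124c911b121e6fd",
    "sha512": "8d8446399f1b7c9858b1fa0b1f1b9480a5b887ebf1d2a75001baff2b3ae111c08dc26ce96f42eb89c5eaa86cf56136f87ea25b725862a61bad4ac0e46881e819",
}
ALGORITHMS = tuple(REPORTED_HASHES)  # md5, sha1, sha256, sha512 (ssdeep is not in hashlib)


def _new_hashers():
    return {name: hashlib.new(name) for name in ALGORITHMS}


def digest_bytes(data: bytes) -> Dict[str, str]:
    """Compute every listed digest over an in-memory buffer in one pass."""
    hashers = _new_hashers()
    for h in hashers.values():
        h.update(data)
    return {name: h.hexdigest() for name, h in hashers.items()}


def digest_file(path: str, chunk_size: int = 1 << 20) -> Dict[str, str]:
    """Same as digest_bytes, but streams the file so large samples are not read into memory whole."""
    hashers = _new_hashers()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            for h in hashers.values():
                h.update(chunk)
    return {name: h.hexdigest() for name, h in hashers.items()}


def compare_hashes(actual: Dict[str, str],
                   expected: Dict[str, str]) -> Dict[str, Tuple[str, Optional[str]]]:
    """Return {algorithm: (expected, actual)} for each expected digest that is
    missing from `actual` or differs from it (hex case is ignored).
    An empty dict means the file matches on every listed digest."""
    mismatches: Dict[str, Tuple[str, Optional[str]]] = {}
    for name, want in expected.items():
        got = actual.get(name)
        if got is None or got.lower() != want.lower():
            mismatches[name] = (want, got)
    return mismatches


def verify_file(path: str, expected: Dict[str, str] = REPORTED_HASHES) -> bool:
    """True when the file on disk matches every digest the report lists."""
    return not compare_hashes(digest_file(path), expected)


if __name__ == "__main__":
    import sys
    for sample in sys.argv[1:]:
        bad = compare_hashes(digest_file(sample), REPORTED_HASHES)
        print(sample, "matches the report" if not bad else f"differs on {sorted(bad)}")
```

Run it as `python verify.py path\to\file` on an isolated analysis host. A mismatch on even one algorithm means you are looking at a different file than the one this report describes (a repacked or re-signed build, for instance), and the behavioural findings below should not be assumed to transfer.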
Static task: static1
Behavioral task: behavioral1
  Sample: e4e54b18b86e81b2310c4bbe71cd545e_JaffaCakes118.exe
  Resource: win7-20240319-en
Behavioral task: behavioral2
  Sample: e4e54b18b86e81b2310c4bbe71cd545e_JaffaCakes118.exe
  Resource: win10v2004-20240226-en
Malware Config
Targets
Target: e4e54b18b86e81b2310c4bbe71cd545e_JaffaCakes118 (708KB; MD5, SHA1, SHA256, SHA512 and SSDEEP as listed in the General section above)
Score: 10/10
Detected family: ModiLoader, DBatLoader
ModiLoader (also tracked as DBatLoader) is a loader written in Delphi that misuses cloud file-hosting services to download the other malware families it delivers.
- ModiLoader Second Stage
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
- Suspicious use of SetThreadContext
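The behavioural signatures above are the kind of rules a sandbox derives from an API-call trace of the run. The block below is an added example, not code from the report or from any sandbox, that rebuilds several of those rules over a small constructed trace of Win32 calls: "Drops file in System32 directory", "Loads dropped DLL", "Executes dropped EXE", "Deletes itself" (assumed here to be keyed on a cmd.exe `del` of the sample's own path, a common self-deletion idiom), and "Suspicious use of SetThreadContext", which it restricts to a child created with CREATE_SUSPENDED and then tightens further into the full WriteProcessMemory / SetThreadContext / ResumeThread sequence of process hollowing. The Event layout, the paths, the PIDs and the trace itself are all constructed for illustration.

```python
from dataclasses import dataclass, field
from typing import Dict, List

CREATE_SUSPENDED = 0x00000004            # dwCreationFlags bit of CreateProcessW
SYSTEM32_PREFIX = "c:\\windows\\system32\\"


@dataclass
class Event:
    """One traced API call. Constructed layout: real monitors log handles rather
    than paths, so a handle-to-path resolution step is assumed to have run."""
    pid: int                              # calling process
    api: str                              # Win32 API name
    args: Dict[str, object] = field(default_factory=dict)


# Constructed trace, not taken from the report: the sample drops a DLL into
# System32 and an EXE into %TEMP%, uses both, hollows a suspended svchost.exe,
# then asks cmd.exe to delete its own image after a short delay.
SAMPLE_PATH = r"C:\Users\user\Desktop\sample.exe"
TRACE = [
    Event(1000, "WriteFile", {"path": r"C:\Windows\System32\helper.dll"}),
    Event(1000, "LoadLibraryW", {"path": r"C:\Windows\System32\helper.dll"}),
    Event(1000, "WriteFile", {"path": r"C:\Users\user\AppData\Local\Temp\stage2.exe"}),
    Event(1000, "CreateProcessW", {"image": r"C:\Users\user\AppData\Local\Temp\stage2.exe",
                                   "flags": 0, "child_pid": 1100}),
    Event(1000, "CreateProcessW", {"image": r"C:\Windows\System32\svchost.exe",
                                   "flags": CREATE_SUSPENDED, "child_pid": 1200}),
    Event(1000, "WriteProcessMemory", {"target_pid": 1200}),
    Event(1000, "SetThreadContext", {"target_pid": 1200}),
    Event(1000, "ResumeThread", {"target_pid": 1200}),
    Event(1000, "CreateProcessW", {"image": r"C:\Windows\System32\cmd.exe",
                                   "cmdline": f'cmd.exe /c ping 127.0.0.1 -n 3 & del "{SAMPLE_PATH}"',
                                   "flags": 0, "child_pid": 1300}),
]


def _hit(hits: Dict[str, List[str]], name: str, detail: str) -> None:
    hits.setdefault(name, []).append(detail)


def detect(trace: List[Event], self_path: str) -> Dict[str, List[str]]:
    """Run the behavioural rules over a trace; returns {signature: [details]}."""
    hits: Dict[str, List[str]] = {}
    written = set()                               # lower-cased paths written during the run
    suspended: Dict[int, Dict[str, bool]] = {}    # child pid -> hollowing progress

    for ev in trace:
        a = ev.args
        if ev.api == "WriteFile":
            path = str(a.get("path", ""))
            written.add(path.lower())
            if path.lower().startswith(SYSTEM32_PREFIX):
                _hit(hits, "Drops file in System32 directory", path)

        elif ev.api == "LoadLibraryW":
            path = str(a.get("path", ""))
            if path.lower() in written:           # DLL was written earlier in this run
                _hit(hits, "Loads dropped DLL", path)

        elif ev.api == "CreateProcessW":
            image = str(a.get("image", ""))
            if image.lower() in written:          # EXE was written earlier in this run
                _hit(hits, "Executes dropped EXE", image)
            if int(a.get("flags", 0)) & CREATE_SUSPENDED:
                suspended[int(a["child_pid"])] = {"written": False, "context": False}
            cmd = str(a.get("cmdline", "")).lower()
            if " del " in cmd and self_path.lower() in cmd:
                _hit(hits, "Deletes itself", str(a["cmdline"]))

        elif ev.api in ("WriteProcessMemory", "SetThreadContext", "ResumeThread"):
            target = a.get("target_pid")
            state = suspended.get(target)
            if state is None:
                continue                          # not a child we saw created suspended
            if ev.api == "WriteProcessMemory":
                state["written"] = True
            elif ev.api == "SetThreadContext":
                state["context"] = True
                _hit(hits, "Suspicious use of SetThreadContext", f"pid {target}")
            elif state["written"] and state["context"]:   # ResumeThread completes the chain
                _hit(hits, "Process hollowing sequence", f"pid {target}")
    return hits


if __name__ == "__main__":
    for name, details in detect(TRACE, SAMPLE_PATH).items():
        print(f"{name}: {'; '.join(details)}")
```

The rules are deliberately stateful: "Loads dropped DLL" and "Executes dropped EXE" only fire for paths the run itself wrote, and the hollowing rule only counts SetThreadContext against a child the same trace created suspended, so a lone SetThreadContext on an unrelated process is not reported. When you write your own detections from a report like this one, that ordering is what separates the signature from a noisy API-name match.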