Behavioral task: behavioral1
Sample: bb695ee928b7abcea975df55c40dcc18_JaffaCakes118.exe
Resource: win7-20240508-en

Behavioral task: behavioral2
Sample: bb695ee928b7abcea975df55c40dcc18_JaffaCakes118.exe
Resource: win10v2004-20240611-en

General
Target: bb695ee928b7abcea975df55c40dcc18_JaffaCakes118
Size: 1.3MB
MD5: bb695ee928b7abcea975df55c40dcc18
SHA1: 5f58846c9995297d17da7160aed39d57873df921
SHA256: 147757b80f73247be6a9ded7131fc03530fdf423d19831c6f7a7454fa678795d
SHA512: a869d85246c98bb455ee5bce475bdc79adeca868c85a3aceceadc9edd6f87e189bea7712c298ab322f29bb399ff62576a6671ee0904cfd7e1b1152b5ffcb1124
SSDEEP: 12288:aiF+l5B9R6/9a30i8zKAtIUnCN9oLus9hddSyyPNK/smcDi81S:ai+hR6/IEi6KAuaCoKQVVyPw0mCi80

Malware Config
Signatures

ModiLoader Second Stage (1 IoCs)
Processes:
resource: sample, yara_rule: modiloader_stage2

Modiloader family

Unsigned PE (1 IoCs)
Checks for missing Authenticode signature.
Processes:
resource: bb695ee928b7abcea975df55c40dcc18_JaffaCakes118

Files
bb695ee928b7abcea975df55c40dcc18_JaffaCakes118.exe windows:0 windows x64 arch:x64
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Sections
Size: 1.3MB - Virtual size: 1.3MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ