General
-
Target
00c9bd656120b99ea11ed3bb55fa0e4a_JaffaCakes118
-
Size
719KB
-
Sample
240619-12ay1atfnc
-
MD5
00c9bd656120b99ea11ed3bb55fa0e4a
-
SHA1
e1708dfbb8f0564e4d9801f0bd8397378594d57d
-
SHA256
7e58ad24abda3f5b2aacf90eaa120e4508e65ac73df0ae54c40003fd8da59974
-
SHA512
60958104ce725d7837b2fda71811f2187204f5b69051daa549ee3bafb5c7525ac42c87a5d007512ddfc671b9ebe07d848458afc1b0bbbf6e5da17c835acced6c
-
SSDEEP
12288:/PKC7rHKtbv4CNC55PcFZkHnL6vhwsa97qNcXYaON/UN6tF3Z4mxxJm+85/39cWy:/SYKtbv4CNWbe5wsa9qe2TtQmXIv9cWy
Static task
static1
Behavioral task
behavioral1
Sample
00c9bd656120b99ea11ed3bb55fa0e4a_JaffaCakes118.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
00c9bd656120b99ea11ed3bb55fa0e4a_JaffaCakes118.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
-
-
Target
00c9bd656120b99ea11ed3bb55fa0e4a_JaffaCakes118
-
Size
719KB
-
MD5
00c9bd656120b99ea11ed3bb55fa0e4a
-
SHA1
e1708dfbb8f0564e4d9801f0bd8397378594d57d
-
SHA256
7e58ad24abda3f5b2aacf90eaa120e4508e65ac73df0ae54c40003fd8da59974
-
SHA512
60958104ce725d7837b2fda71811f2187204f5b69051daa549ee3bafb5c7525ac42c87a5d007512ddfc671b9ebe07d848458afc1b0bbbf6e5da17c835acced6c
-
SSDEEP
12288:/PKC7rHKtbv4CNC55PcFZkHnL6vhwsa97qNcXYaON/UN6tF3Z4mxxJm+85/39cWy:/SYKtbv4CNWbe5wsa9qe2TtQmXIv9cWy
Score10/10-
ModiLoader, DBatLoader
ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
-
ModiLoader Second Stage
-
Suspicious use of SetThreadContext
-