General
- Target: 01009c944ecb64a5254745a11a1a29a7_JaffaCakes118
- Size: 37KB
- Sample: 240619-2vw4bszenj
- MD5: 01009c944ecb64a5254745a11a1a29a7
- SHA1: d157047b7b4ad7b10b53e384c385aa3d340ccef2
- SHA256: f7f76560c10e890681c96ed629c0ef35c93b2ba982eeeebe366e3414c86316ef
- SHA512: 6aa0bb28aa06c06433e135faf37b24fc63606d915590a8a08c2ea64132ed6805da264f64258390e95374bf690bfb8346c77cd8e3daecaf82fa7b3090e6ad26a0
- SSDEEP: 768:lA8JqBjJh8wd2Q8Esskb5mdKO+fLkf/xd0S+Eadpi:lsVGs4HfwnxL3adw
Behavioral task: behavioral1
- Sample: 01009c944ecb64a5254745a11a1a29a7_JaffaCakes118.exe
- Resource: win7-20240508-en
Behavioral task: behavioral2
- Sample: 01009c944ecb64a5254745a11a1a29a7_JaffaCakes118.exe
- Resource: win10v2004-20240226-en
Malware Config
Targets
- Target: 01009c944ecb64a5254745a11a1a29a7_JaffaCakes118
- Score: 10/10
- Family: ModiLoader, DBatLoader
ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
- ModiLoader Second Stage
- Drops file in System32 directory
- Suspicious use of SetThreadContext