General
Target
09b08ef9cc21337e994d034e0d89fcb9_JaffaCakes118
Size
685KB
Sample
240620-12bwastcpl
MD5
09b08ef9cc21337e994d034e0d89fcb9
SHA1
e0bdb668fc9641aabf48084b09b8f8e88cef1043
SHA256
44f7f0b048b37ccde8b257eeca4156e96aee9e3e8b43ad0a23de8215c46459e2
SHA512
b8f68263167f57ba33844618f8ef754b3c81a5cc8c57b3a3c64e69b474714ac42b07e8dda0e66eaa23a21210943df27d266191d0acf00bd3dce82ec9619e1b92
SSDEEP
12288:iJ9KSBADXsTZmUwpnLLYjFVN2e0jZACuxEMbSW9rWNgvEmzpmzWMR:8A7im9/AFj70SHx7WW9XvEksR
Static task
static1
Behavioral task
behavioral1
Sample
09b08ef9cc21337e994d034e0d89fcb9_JaffaCakes118.exe
Resource
win7-20240419-en
Behavioral task
behavioral2
Sample
09b08ef9cc21337e994d034e0d89fcb9_JaffaCakes118.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
Target
09b08ef9cc21337e994d034e0d89fcb9_JaffaCakes118
Score
10/10
ModiLoader, DBatLoader
ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
ModiLoader Second Stage
Executes dropped EXE
Loads dropped DLL
Suspicious use of SetThreadContext