General
-
Target
09e14f639091fe91d590adfaba2cf2d9_JaffaCakes118
-
Size
685KB
-
Sample
240620-2kj11svcnp
-
MD5
09e14f639091fe91d590adfaba2cf2d9
-
SHA1
4ba809be6976027c6ec8c5690fac2abb9aeb4947
-
SHA256
523f5475cbf881123bdb0a82c41ccbec3ce61dbc3ca07488cadf8a53db873492
-
SHA512
e46d6b438e2069138e7a342f2826a5be2a3e4da77bba151f30aa4f01a7671c5a04a9a867a71f649e33935d3d153c7ef71caf9a3be5ad2c0495e04a3e46158387
-
SSDEEP
12288:rGcPujnhhgQ/B3gJQu7BU81TYrKCG2smAF3Z4mxxFBzYaoA5dFXV6+YHI:rXKsQ/907JhYrtkpQmXTzdoOFV6E
Static task
static1
Behavioral task
behavioral1
Sample
09e14f639091fe91d590adfaba2cf2d9_JaffaCakes118.exe
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
09e14f639091fe91d590adfaba2cf2d9_JaffaCakes118.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
-
-
Target
09e14f639091fe91d590adfaba2cf2d9_JaffaCakes118
-
Size
685KB
-
MD5
09e14f639091fe91d590adfaba2cf2d9
-
SHA1
4ba809be6976027c6ec8c5690fac2abb9aeb4947
-
SHA256
523f5475cbf881123bdb0a82c41ccbec3ce61dbc3ca07488cadf8a53db873492
-
SHA512
e46d6b438e2069138e7a342f2826a5be2a3e4da77bba151f30aa4f01a7671c5a04a9a867a71f649e33935d3d153c7ef71caf9a3be5ad2c0495e04a3e46158387
-
SSDEEP
12288:rGcPujnhhgQ/B3gJQu7BU81TYrKCG2smAF3Z4mxxFBzYaoA5dFXV6+YHI:rXKsQ/907JhYrtkpQmXTzdoOFV6E
Score10/10-
ModiLoader, DBatLoader
ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
-
ModiLoader Second Stage
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-