General
-
Target
01c2902659671071d9c607de8067ae5c_JaffaCakes118
-
Size
306KB
-
Sample
240620-b2k2ja1glb
-
MD5
01c2902659671071d9c607de8067ae5c
-
SHA1
92264d6427cbb6c7da6173332f2672a3071ff4aa
-
SHA256
aeffe55ac5ad1dcce48c5f9732234b95e1dae5df5761d7d406be1990558501e7
-
SHA512
0a65f81a27384f0ba15b20aa184b2c88a946c6d8f5122b3430ebfde534625201cef106dcd0736e2882c4122b12cd309dac1677eea7d485b65b9ccf8f44cc961a
-
SSDEEP
6144:wQ0IBnz/hXNlJiSchd2wZJRYbQ15kGaBQyQbypTpT7pW4XTPqdyuzVl:w/IJZfJfESbQ15kGwObGtfX0yuZ
Static task
static1
Behavioral task
behavioral1
Sample
01c2902659671071d9c607de8067ae5c_JaffaCakes118.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
01c2902659671071d9c607de8067ae5c_JaffaCakes118.exe
Resource
win10v2004-20240611-en
Malware Config
Targets
-
-
Target
01c2902659671071d9c607de8067ae5c_JaffaCakes118
-
Size
306KB
-
MD5
01c2902659671071d9c607de8067ae5c
-
SHA1
92264d6427cbb6c7da6173332f2672a3071ff4aa
-
SHA256
aeffe55ac5ad1dcce48c5f9732234b95e1dae5df5761d7d406be1990558501e7
-
SHA512
0a65f81a27384f0ba15b20aa184b2c88a946c6d8f5122b3430ebfde534625201cef106dcd0736e2882c4122b12cd309dac1677eea7d485b65b9ccf8f44cc961a
-
SSDEEP
6144:wQ0IBnz/hXNlJiSchd2wZJRYbQ15kGaBQyQbypTpT7pW4XTPqdyuzVl:w/IJZfJfESbQ15kGwObGtfX0yuZ
Score10/10-
ModiLoader, DBatLoader
ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
-
ModiLoader Second Stage
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-
Suspicious use of SetThreadContext
-