General
-
Target
023e805f79e214fdfecde1bc0ee86c2b_JaffaCakes118
-
Size
623KB
-
Sample
240620-dhlvtsvflg
-
MD5
023e805f79e214fdfecde1bc0ee86c2b
-
SHA1
5789a4c4da3c6409711de3cef7d099f639b2a638
-
SHA256
1e963a71db1a6c0ff84fd42394b66552557226d6df06497a6367909b8ae278ed
-
SHA512
ee0db1355193e342250581c668315c3c8ce4472cdde442d6e85d641b71438c6fb4921115fa6286fcab6bddadc44d7217e7486985aa4cf2267bf11d0ee9e651bf
-
SSDEEP
12288:+w8soU9ORlkIChQ5cp+337lRt2Qsxa42tRU47RvWN2OjX:H8soU9O/kICbpMzfW4VDOjX
Static task
static1
Behavioral task
behavioral1
Sample
023e805f79e214fdfecde1bc0ee86c2b_JaffaCakes118.exe
Resource
win7-20240611-en
Behavioral task
behavioral2
Sample
023e805f79e214fdfecde1bc0ee86c2b_JaffaCakes118.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
-
-
Target
023e805f79e214fdfecde1bc0ee86c2b_JaffaCakes118
-
Size
623KB
-
MD5
023e805f79e214fdfecde1bc0ee86c2b
-
SHA1
5789a4c4da3c6409711de3cef7d099f639b2a638
-
SHA256
1e963a71db1a6c0ff84fd42394b66552557226d6df06497a6367909b8ae278ed
-
SHA512
ee0db1355193e342250581c668315c3c8ce4472cdde442d6e85d641b71438c6fb4921115fa6286fcab6bddadc44d7217e7486985aa4cf2267bf11d0ee9e651bf
-
SSDEEP
12288:+w8soU9ORlkIChQ5cp+337lRt2Qsxa42tRU47RvWN2OjX:H8soU9O/kICbpMzfW4VDOjX
Score10/10-
ModiLoader, DBatLoader
ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
-
ModiLoader Second Stage
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.
-
Suspicious use of SetThreadContext
-