General
-
Target
02dcad2dc67e6808fb7eab1bb84ffcae_JaffaCakes118
-
Size
312KB
-
Sample
240620-e9l6cayhng
-
MD5
02dcad2dc67e6808fb7eab1bb84ffcae
-
SHA1
f15eaa4e8115abed28f5f53ec59d38995a066437
-
SHA256
5dfff5ac350d6e51a5ec28fe728d9c918a1f5882241c6660aa303d4dae0ad5e4
-
SHA512
601552ee1dd7669dbd76439bf25cc592c19b715297e17d0e017d8b751753e255561296efa69fceba6ce82f06333aa3b4ae93fa2697bbad041c0dac797ad0f3f5
-
SSDEEP
6144:j80Mh2tKu20EIixqjqEwS8C3dbzmclGkpYRMcOqwpfYqFSV6T:/Mh2tk0ji0FwS8KlGkpnBHpA0SV6
Static task
static1
Behavioral task
behavioral1
Sample
02dcad2dc67e6808fb7eab1bb84ffcae_JaffaCakes118.exe
Resource
win7-20240611-en
Behavioral task
behavioral2
Sample
02dcad2dc67e6808fb7eab1bb84ffcae_JaffaCakes118.exe
Resource
win10v2004-20240611-en
Malware Config
Targets
-
Target
02dcad2dc67e6808fb7eab1bb84ffcae_JaffaCakes118
-
Score
10/10
-
ModiLoader, DBatLoader
ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
-
ModiLoader Second Stage
-
Drops file in System32 directory
-
Suspicious use of SetThreadContext
-