General
-
Target
0649aeb3dc88502703b27ce76c97b4d4_JaffaCakes118
-
Size
900KB
-
Sample
240620-qerywstcjp
-
MD5
0649aeb3dc88502703b27ce76c97b4d4
-
SHA1
f1ad2365abd60cb9b4cc2454c0eb95f323bfcd0c
-
SHA256
9feb42b7ae8e05f9e46497e56c4866cf1f8e35251bb158371ea3064d36384ed2
-
SHA512
3f740a543ec5eb655dbece6cba3f86f5b037ece00ec6d7a15372e5aaa16c581e7e0a78fef335d95db574db5931245ff9c26292b546f0a40fc5e587669cefad50
-
SSDEEP
24576:nMzDLu5s/T1p4fXAYRqQmXBgDhaxuX0N4b5bGyOU:mLu5w1kQYRLmRN4gy1
Static task
static1
Behavioral task
behavioral1
Sample
0649aeb3dc88502703b27ce76c97b4d4_JaffaCakes118.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
0649aeb3dc88502703b27ce76c97b4d4_JaffaCakes118.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
Target
0649aeb3dc88502703b27ce76c97b4d4_JaffaCakes118
-
Score
10/10
-
ModiLoader, DBatLoader
ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
-
ModiLoader Second Stage
-
Suspicious use of SetThreadContext
-