General
Target: 06581e52868b437d9d45edf571cd005b_JaffaCakes118
Size: 810KB
Sample: 240620-qj6mvatekm
MD5: 06581e52868b437d9d45edf571cd005b
SHA1: 0d7eb9d56e6c64bbd41608a2488fef6738ea0877
SHA256: 8d40715740bd9406b876d46c366c4988a24277539661d3f440afc0a1436a0a0b
SHA512: d23425151475f9843434939166a1fb9b9321a5b337f90dce4f36f6b7cd9507da3c639d4c143e5ba84c165b98d83f13479082868273d40b86c44f934155ca2894
SSDEEP: 12288:s1ag1PtCvDLwmMnWCK2nBb141suvAFI/VcQoPq4iTDg5+I:soOPtSwmMn0Y/41HIF+oPq4iTDg5/
Behavioral task: behavioral1
Sample: 06581e52868b437d9d45edf571cd005b_JaffaCakes118.exe
Resource: win7-20231129-en
Behavioral task: behavioral2
Sample: 06581e52868b437d9d45edf571cd005b_JaffaCakes118.exe
Resource: win10v2004-20240508-en
Malware Config
Targets
Target: 06581e52868b437d9d45edf571cd005b_JaffaCakes118
Size: 810KB
Score: 10/10
ModiLoader, DBatLoader
ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
ModiLoader Second Stage
Drops file in System32 directory
Suspicious use of SetThreadContext