General
Target: 06f392a156d51307a93d49ba7e19e8ff_JaffaCakes118
Size: 239KB
Sample: 240620-r4mwxasgmf
MD5: 06f392a156d51307a93d49ba7e19e8ff
SHA1: dbc21eea0efee2c9512008240dc810f23cde1291
SHA256: ab3dc8eb41a5d995e77d34b54896e1c02781f37ba133c8a7bc861179d65c19c0
SHA512: 9cb95ed46834068ae93ce5e50737f12d972fed32384b506efa10ff700bfba901379ddf36849687f900691b0cb704577fa6f7f7865796fea71d6df361da2b2c8b
SSDEEP: 6144:5pV2WLSRYbI0eiOeSs1kV2WLSRYbI0eiOeSs1x:F3LR3Vj1143LR3Vj11x
Static task: static1
Behavioral task: behavioral1
Sample: 06f392a156d51307a93d49ba7e19e8ff_JaffaCakes118.exe
Resource: win7-20240611-en
Behavioral task: behavioral2
Sample: 06f392a156d51307a93d49ba7e19e8ff_JaffaCakes118.exe
Resource: win10v2004-20240508-en
Malware Config
Targets
Target: 06f392a156d51307a93d49ba7e19e8ff_JaffaCakes118
Score: 10/10
ModiLoader, DBatLoader
ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
ModiLoader Second Stage
Loads dropped DLL
Suspicious use of SetThreadContext