General
-
Target
07c570dd70589229a0421d681977a743_JaffaCakes118
-
Size
732KB
-
Sample
240620-t1xyta1emm
-
MD5
07c570dd70589229a0421d681977a743
-
SHA1
2aed17a0a83135117cf59278b5d46ba293c45380
-
SHA256
f0913c4ceef7752db1bdda7e70617512da8e6ab399f329c0c77eb01d1aa199b1
-
SHA512
0ceb158f1009d4b8e7ac022a7ad15c001abd2b73959ec513abc2851e32abd8fc5544e1b9564bcfeee7985bf078f23b9b36f61770122e78e1502798abebb17a48
-
SSDEEP
12288:JPdsCAmVw2f+LEXLjDk3aXDlkd3dTw6X6tF3Z4mxxJ4H8tcFA8WS:JPpVw2f+LEppwdU6X6tQmX+H8mH
Static task
static1
Behavioral task
behavioral1
Sample
07c570dd70589229a0421d681977a743_JaffaCakes118.exe
Resource
win7-20240611-en
Behavioral task
behavioral2
Sample
07c570dd70589229a0421d681977a743_JaffaCakes118.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
-
-
Target
07c570dd70589229a0421d681977a743_JaffaCakes118
-
Size
732KB
-
MD5
07c570dd70589229a0421d681977a743
-
SHA1
2aed17a0a83135117cf59278b5d46ba293c45380
-
SHA256
f0913c4ceef7752db1bdda7e70617512da8e6ab399f329c0c77eb01d1aa199b1
-
SHA512
0ceb158f1009d4b8e7ac022a7ad15c001abd2b73959ec513abc2851e32abd8fc5544e1b9564bcfeee7985bf078f23b9b36f61770122e78e1502798abebb17a48
-
SSDEEP
12288:JPdsCAmVw2f+LEXLjDk3aXDlkd3dTw6X6tF3Z4mxxJ4H8tcFA8WS:JPpVw2f+LEppwdU6X6tQmX+H8mH
Score10/10-
ModiLoader, DBatLoader
ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
-
ModiLoader Second Stage
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-
Suspicious use of SetThreadContext
-