General
Target: 08f366a0da689827686e40dec32f2ca7_JaffaCakes118
Size: 689KB
Sample: 240620-xs88natajd
MD5: 08f366a0da689827686e40dec32f2ca7
SHA1: 61316f307f57c45ba7e7bbd5553fa1baab1e986c
SHA256: 423015da60ded3ff8832e70ba6d868d8e5deee6d9c25f91f59d818e8588ee485
SHA512: a27be93f74a6d242b0d069f23b4d58dcbd22887ddf79d0527cf7b2ca9b594dbc75d239fc21c89dca84ad6a3bcceff2c3d55bb0f1cdbe4180b20fa63f85c1fb55
SSDEEP: 12288:RK9tGgozqi5paO0lp9USQVUeyrkA4nK6J2v5rdTgxWaSTc:sD2eas1USIianh4JuIaST
Behavioral task: behavioral1
Sample: 08f366a0da689827686e40dec32f2ca7_JaffaCakes118.exe
Resource: win7-20240220-en
Behavioral task: behavioral2
Sample: 08f366a0da689827686e40dec32f2ca7_JaffaCakes118.exe
Resource: win10v2004-20240611-en
Malware Config
Targets
Target: 08f366a0da689827686e40dec32f2ca7_JaffaCakes118
Score: 10/10
ModiLoader, DBatLoader
ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
ModiLoader Second Stage
Drops file in System32 directory
Suspicious use of SetThreadContext