General
Target: 09422e47a95b1c2fad54d948843b9f0c_JaffaCakes118
Size: 404KB
Sample: 240620-yl9fhsygnq
MD5: 09422e47a95b1c2fad54d948843b9f0c
SHA1: a3db3f2f5b272cd51d2b312ba9a388788b78bed4
SHA256: 139cff125dc1eac257e9a7b5dd3971f7c0d924e4a6f469b18c2f08637a5f4c2e
SHA512: 7b2173c53299c59d0af309f077a31d95cb144ca4a505e0edfff2e88e5a1834ea63545da5742e35c12c435e9b1c897629612cfa6180bfc57ac6ccaf5eb6d7a0be
SSDEEP: 12288:piKf9rHXYBKnolmQ1DUbESnDkosH7ITHD9j3w99ZcE:piKfh3Y4hhsCHxj3S9ZN
Behavioral task: behavioral1
Sample: 09422e47a95b1c2fad54d948843b9f0c_JaffaCakes118.exe
Resource: win7-20240508-en
Behavioral task: behavioral2
Sample: 09422e47a95b1c2fad54d948843b9f0c_JaffaCakes118.exe
Resource: win10v2004-20240508-en
Malware Config
Targets
Target: 09422e47a95b1c2fad54d948843b9f0c_JaffaCakes118
Score: 10/10
ModiLoader, DBatLoader
ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
ModiLoader Second Stage
Drops file in System32 directory
Suspicious use of SetThreadContext