General
-
Target
22ade4473732077279ad7495359323e2_JaffaCakes118
-
Size
302KB
-
Sample
240703-rq95aasfje
-
MD5
22ade4473732077279ad7495359323e2
-
SHA1
bf7c07bae8a64c5bfb256a1be2c69ea796636a2f
-
SHA256
fe0b8a4bc9df60afe16dd53e2a341bc8b96c7e3c0892df1f8f970bb4cc26f5f4
-
SHA512
76b082053e66e060be662e0f75d0563032afc6dc7d4f58053d6114c720e50172803b375738f4b04c91e49c3156e5f869d5c607a5627400340fe035868b51aa18
-
SSDEEP
6144:Ii0LhePsmtEJqlzqOVPpneiLrDvUk0dQMxjP8JFqf+f2NzaM/DNUg3FfLVEBIE:mte9HLMNdQ8jP8jlfKz/vTVE
Static task
static1
Behavioral task
behavioral1
Sample
22ade4473732077279ad7495359323e2_JaffaCakes118.exe
Resource
win7-20240611-en
Behavioral task
behavioral2
Sample
22ade4473732077279ad7495359323e2_JaffaCakes118.exe
Resource
win10v2004-20240611-en
Malware Config
Targets
-
-
Target
22ade4473732077279ad7495359323e2_JaffaCakes118
-
Size
302KB
-
MD5
22ade4473732077279ad7495359323e2
-
SHA1
bf7c07bae8a64c5bfb256a1be2c69ea796636a2f
-
SHA256
fe0b8a4bc9df60afe16dd53e2a341bc8b96c7e3c0892df1f8f970bb4cc26f5f4
-
SHA512
76b082053e66e060be662e0f75d0563032afc6dc7d4f58053d6114c720e50172803b375738f4b04c91e49c3156e5f869d5c607a5627400340fe035868b51aa18
-
SSDEEP
6144:Ii0LhePsmtEJqlzqOVPpneiLrDvUk0dQMxjP8JFqf+f2NzaM/DNUg3FfLVEBIE:mte9HLMNdQ8jP8jlfKz/vTVE
Score10/10-
ModiLoader, DBatLoader
ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
-
ModiLoader Second Stage
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-
Suspicious use of SetThreadContext
-