General
Target: 67c14c452580742d2e8b8f84fcd37074_JaffaCakes118
Size: 1.3MB
Sample: 240723-qnjnwavfne
MD5: 67c14c452580742d2e8b8f84fcd37074
SHA1: 10dd9707393a240f63fb7236e5a02dd0b5c945f4
SHA256: b71d389c468e13156244e85a3adb403571c96202088a57bd07e2c39421ecdab1
SHA512: 1993503c483881ac43c473543b45b600dade8d0be6363c81aa41599036e93df27c2d94361f2f78a2775da6f4ed8836e860f0c0041bcd3882075d6fc15cdb9d2d
SSDEEP: 24576:PoUjyf2D5VFBs+zcp0hdzEAPPf+BUTTRYm839Bva:PooyYBsx0hlEAP3+sB83e
Static task: static1
Behavioral task: behavioral1
  Sample: 67c14c452580742d2e8b8f84fcd37074_JaffaCakes118.exe
  Resource: win7-20240704-en
Behavioral task: behavioral2
  Sample: 67c14c452580742d2e8b8f84fcd37074_JaffaCakes118.exe
  Resource: win10v2004-20240709-en
Malware Config
Extracted
Family: darkcomet
Botnet: xwz
C2: kuider.dyndns-at-home.com:1604
Mutex: DC_MUTEX-B218V5W
Attributes
gencode: 9nEcALkkhAmM
install: false
offline_keylogger: true
persistence: false
Note: the C2 is a dynamic-DNS hostname, so the address it resolved to during analysis may not be what it resolves to now; pivot on the hostname and the mutex rather than on an IP. Port 1604 is DarkComet's default listener port. With install and persistence both false, this build is configured not to install a copy of itself or set up persistence on its own, so any persistence observed on a host would have to come from the loader stage.
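The extracted config above is most useful once it is turned into concrete hunting checks. The following is an added example, not part of the sandbox report: it copies the config values from this page into a dictionary, derives the C2 host, port and mutex from them, and runs those indicators over a handful of constructed log lines. The key=value event layout and the field names (EventID, QueryName, DestinationPort, Mutex) are assumptions loosely modelled on Sysmon, and the mutex events are hypothetical; the image paths and IPs in the sample lines are made up.

```python
import re
from dataclasses import dataclass

# Values copied from the extracted DarkComet config on this page.
DARKCOMET_CONFIG = {
    "family": "darkcomet",
    "botnet": "xwz",
    "c2": "kuider.dyndns-at-home.com:1604",
    "mutex": "DC_MUTEX-B218V5W",
    "gencode": "9nEcALkkhAmM",
    "install": False,
    "offline_keylogger": True,
    "persistence": False,
}


@dataclass(frozen=True)
class Indicators:
    c2_host: str
    c2_port: int
    mutex: str
    mutex_prefix: str = "DC_MUTEX-"  # stock DarkComet mutex prefix; catches other builds too


def indicators_from_config(cfg: dict) -> Indicators:
    """Split the host:port C2 string and normalise the host for comparison."""
    host, _, port = cfg["c2"].rpartition(":")
    return Indicators(c2_host=host.lower(), c2_port=int(port), mutex=cfg["mutex"])


# Constructed telemetry, not sandbox output. Field names are an assumption
# modelled loosely on Sysmon (22 = DNS query, 3 = network connection);
# the Mutex events are hypothetical.
SAMPLE_LOG = """\
EventID=22 Image=C:\\Users\\victim\\Temp\\67c14c452580742d2e8b8f84fcd37074_JaffaCakes118.exe QueryName=kuider.dyndns-at-home.com
EventID=22 Image=C:\\Windows\\System32\\svchost.exe QueryName=ctldl.windowsupdate.com
EventID=3 Image=C:\\Users\\victim\\Temp\\67c14c452580742d2e8b8f84fcd37074_JaffaCakes118.exe DestinationIp=203.0.113.7 DestinationPort=1604
EventID=3 Image=C:\\Users\\victim\\Browser\\browser.exe DestinationIp=203.0.113.9 DestinationPort=443
EventID=Mutex Image=C:\\Users\\victim\\Temp\\67c14c452580742d2e8b8f84fcd37074_JaffaCakes118.exe Mutex=DC_MUTEX-B218V5W
EventID=Mutex Image=C:\\Users\\victim\\Temp\\other.exe Mutex=DC_MUTEX-QX7K2LP
EventID=Mutex Image=C:\\Windows\\explorer.exe Mutex=Local\\ShellReadyEvent
"""

KV = re.compile(r"(\w+)=(\S+)")


def parse_event(line: str) -> dict:
    """Parse one key=value event line into a dict (values may not contain spaces)."""
    return dict(KV.findall(line))


def match_event(ev: dict, ind: Indicators) -> list:
    """Return the indicator names this single event satisfies (empty list = no hit)."""
    hits = []
    if ev.get("QueryName", "").lower() == ind.c2_host:
        hits.append("dns:c2_host")
    if ev.get("DestinationPort") == str(ind.c2_port):
        # 1604 is DarkComet's default port; on its own this is weak evidence,
        # so it is tagged separately and should be required alongside another hit.
        hits.append("net:c2_port")
    mutex = ev.get("Mutex", "")
    if mutex == ind.mutex:
        hits.append("mutex:exact")
    elif mutex.startswith(ind.mutex_prefix):
        hits.append("mutex:darkcomet_prefix")
    return hits


def hunt(log_text: str, ind: Indicators) -> list:
    """Return (line_number, hits) for every event that matches at least one indicator."""
    findings = []
    for n, line in enumerate(log_text.splitlines(), 1):
        if not line.strip():
            continue
        hits = match_event(parse_event(line), ind)
        if hits:
            findings.append((n, hits))
    return findings


if __name__ == "__main__":
    ind = indicators_from_config(DARKCOMET_CONFIG)
    for n, hits in hunt(SAMPLE_LOG, ind):
        print(f"line {n}: {', '.join(hits)}")
```

The exact mutex and the dynamic-DNS hostname are the strong indicators for this specific build; the DC_MUTEX- prefix match is a broader DarkComet detection that will also fire on unrelated builds, and the port check is only meaningful in combination with one of the others.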
Targets
Target: 67c14c452580742d2e8b8f84fcd37074_JaffaCakes118
Size: 1.3MB
(MD5, SHA1, SHA256, SHA512 and SSDEEP are identical to those listed under General.)
Score: 10/10
Signatures
ModiLoader, DBatLoader
ModiLoader (also tracked as DBatLoader) is a Delphi-written loader that abuses legitimate cloud and file-hosting services to fetch and run second-stage payloads. In this sample the extracted configuration identifies that second stage as DarkComet.
ModiLoader Second Stage
Executes dropped EXE
Loads dropped DLL