General
-
Target
fb74ecaa1f9ae4aefd1cd2897cb37561_JaffaCakes118
-
Size
2.4MB
-
Sample
240928-eh8j9syckg
-
MD5
fb74ecaa1f9ae4aefd1cd2897cb37561
-
SHA1
9076413ec4638c3cfa27408469c5cf7e15981bbe
-
SHA256
8ee96c1c7b83b8d24289ed12e999f996144348a50810ab8d24e62ce300f7419e
-
SHA512
9cef3bda6366c3ad3255f5f9108ab142e546472963102d3228ce6ea8810f450af804f3c7e986541d0aeae3433f47abd2b4d5c7d4b38fc1aeda1e3f8a340a4ff6
-
SSDEEP
49152:7EOS2b1QsWnXne0RPEic623zTQMWH77+ygSI/6hD79qJlUF:7E3OWXnJP+623/Qb7DgJ/6TqJq
Static task
static1
Behavioral task
behavioral1
Sample
fb74ecaa1f9ae4aefd1cd2897cb37561_JaffaCakes118.exe
Resource
win7-20240903-en
Malware Config
Targets
-
Target
fb74ecaa1f9ae4aefd1cd2897cb37561_JaffaCakes118
Score 10/10
-
ModiLoader, DBatLoader
ModiLoader (also tracked as DBatLoader) is a Delphi-based loader that abuses legitimate cloud storage services to host and retrieve its encoded second-stage payloads, which belong to other malware families.
-
ModiLoader Second Stage
-
Checks BIOS information in registry
The sample reads BIOS-related values from the registry (typically SystemBiosVersion and VideoBiosVersion under HKLM\HARDWARE\DESCRIPTION\System). Malware compares these strings against virtualization vendor identifiers to detect sandboxes and analysis VMs; legitimate software also reads these keys, so on its own this behaviour is a weak indicator.
-
Identifies Wine through registry keys
Wine is a compatibility layer that runs Windows applications on non-Windows systems and is used by some automated sandboxes. Wine populates registry keys such as HKCU\Software\Wine that do not exist on a real Windows installation, and the sample checks for their presence.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
The sample calls NtSetInformationThread with the ThreadHideFromDebugger information class, which stops the kernel from delivering debug events for that thread to an attached debugger. This is an anti-debugging technique; analysts typically neutralise it by hooking the call (for example with a debugger anti-anti-debug plugin) before the thread is created.
-
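The two registry-based evasion checks listed above can be reproduced from the defender's side to verify that an analysis VM does not expose the indicators this loader looks for. The following PowerShell script is an added example written for this page, not code from the sample or from the sandbox vendor; the registry paths are the documented locations of BIOS strings and Wine keys, while the list of vendor indicator strings is an assumption based on common virtualization products.

```powershell
# Added example: reproduces the registry-based sandbox checks attributed to the
# sample above as a hygiene test for an analysis VM. Not the sample's own code.
# The indicator strings are assumptions drawn from common VM vendor identifiers.
$Indicators = @('VBOX', 'VIRTUALBOX', 'VMWARE', 'QEMU', 'BOCHS', 'XEN', 'HYPER-V', 'PARALLELS')

function Test-BiosIndicators {
    # BIOS strings live under HKLM\HARDWARE\DESCRIPTION\System; SystemBiosVersion
    # and VideoBiosVersion are REG_MULTI_SZ, so the value may be a string array.
    $biosKey = 'HKLM:\HARDWARE\DESCRIPTION\System'
    $findings = @()
    foreach ($name in 'SystemBiosVersion', 'VideoBiosVersion', 'SystemBiosDate') {
        $value = (Get-ItemProperty -Path $biosKey -Name $name -ErrorAction SilentlyContinue).$name
        if ($null -eq $value) { continue }
        $text = ($value -join ' ').ToUpperInvariant()
        foreach ($ind in $Indicators) {
            if ($text.Contains($ind)) { $findings += "$name contains '$ind'" }
        }
    }
    return $findings
}

function Test-WineIndicators {
    # Wine creates these keys; they are absent on a genuine Windows installation.
    $findings = @()
    foreach ($key in 'HKCU:\Software\Wine', 'HKLM:\Software\Wine') {
        if (Test-Path $key) { $findings += "registry key $key exists" }
    }
    return $findings
}

$hits = @(Test-BiosIndicators) + @(Test-WineIndicators)
if ($hits.Count -eq 0) {
    Write-Output 'No BIOS/Wine sandbox indicators exposed via the registry.'
} else {
    Write-Output 'Sandbox indicators the sample could read from the registry:'
    $hits | ForEach-Object { Write-Output "  - $_" }
}
```

Run it inside the analysis VM before detonating a sample; any finding means the sample can trivially fingerprint the environment, and the corresponding BIOS strings should be patched in the hypervisor configuration (or the Wine keys removed) to keep the loader on its normal execution path.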