General
-
Target
fb7c8bf9f39db1d6dfcb83e965b7171a_JaffaCakes118
-
Size
686KB
-
Sample
240928-ewmvqaygpa
-
MD5
fb7c8bf9f39db1d6dfcb83e965b7171a
-
SHA1
eede193002b6624ee194675c79adb84cf2293c51
-
SHA256
30ef898e25f8c0ad57894203a8298d143169ae6535b770af2ade724dd662a436
-
SHA512
e72c51706a1b648b5507778430821100ceccddc584007d85f887b408ecc5da7e203626e7d850c6d535ab5348bb1ef81c271226c41b0d7d88f64317f4585d1ae1
-
SSDEEP
12288:PGizviX0cjyOK/tSGJkGat0aiYtFwloF3Z4mxxkDqVTVOCQO:PXiJh/G5aiYtFwloQmXTVTzQO
Static task
static1
Behavioral task
behavioral1
Sample
fb7c8bf9f39db1d6dfcb83e965b7171a_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
fb7c8bf9f39db1d6dfcb83e965b7171a_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
fb7c8bf9f39db1d6dfcb83e965b7171a_JaffaCakes118
-
Size
686KB
-
MD5
fb7c8bf9f39db1d6dfcb83e965b7171a
-
SHA1
eede193002b6624ee194675c79adb84cf2293c51
-
SHA256
30ef898e25f8c0ad57894203a8298d143169ae6535b770af2ade724dd662a436
-
SHA512
e72c51706a1b648b5507778430821100ceccddc584007d85f887b408ecc5da7e203626e7d850c6d535ab5348bb1ef81c271226c41b0d7d88f64317f4585d1ae1
-
SSDEEP
12288:PGizviX0cjyOK/tSGJkGat0aiYtFwloF3Z4mxxkDqVTVOCQO:PXiJh/G5aiYtFwloQmXTVTzQO
Score10/10-
ModiLoader, DBatLoader
ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
-
ModiLoader Second Stage
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Drops file in System32 directory
-
Suspicious use of SetThreadContext
-