General
-
Target
fb7d4863cb9246a5e7c21e291672624b_JaffaCakes118
-
Size
455KB
-
Sample
240928-exf4kawgrp
-
MD5
fb7d4863cb9246a5e7c21e291672624b
-
SHA1
0d1a323be95d2597ba9106ae547586209d9d71c3
-
SHA256
a0782b2a67ed099d8855b16b78e5b4e5be2e5e0ba9bf3faf7f9615ad0d38b514
-
SHA512
96649a17ccfdd99354bcd62caebec00ef01b8d71d1897164b91250796203acea68bbeac10f6ef437a59218a17fabd987f6a089841648fbfd20817e24c4d4f477
-
SSDEEP
12288:G3cwv+upJgsv/uis5VUZ33KSaJbxAvc5jeYY5oS:GMuosv/PsrOwJVic5j7Y
Behavioral task
behavioral1
Sample
fb7d4863cb9246a5e7c21e291672624b_JaffaCakes118.exe
Resource
win7-20240704-en
Malware Config
Targets
-
-
Target
fb7d4863cb9246a5e7c21e291672624b_JaffaCakes118
-
Size
455KB
-
MD5
fb7d4863cb9246a5e7c21e291672624b
-
SHA1
0d1a323be95d2597ba9106ae547586209d9d71c3
-
SHA256
a0782b2a67ed099d8855b16b78e5b4e5be2e5e0ba9bf3faf7f9615ad0d38b514
-
SHA512
96649a17ccfdd99354bcd62caebec00ef01b8d71d1897164b91250796203acea68bbeac10f6ef437a59218a17fabd987f6a089841648fbfd20817e24c4d4f477
-
SSDEEP
12288:G3cwv+upJgsv/uis5VUZ33KSaJbxAvc5jeYY5oS:GMuosv/PsrOwJVic5j7Y
Score10/10-
ModiLoader, DBatLoader
ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
-
ModiLoader Second Stage
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.
-
Suspicious use of SetThreadContext
-