General
Target: 7ecf68b67578d1552e18e7122d59d0b6_JaffaCakes118
Size: 5.1MB
Sample: 241030-mhbjja1fng
MD5: 7ecf68b67578d1552e18e7122d59d0b6
SHA1: ec4e8a1e185bcfc6a08a88d0484acef618ca8dcf
SHA256: 5b24623774f21fdf9752f62d4882b4a820b8070ccea5a15d30d98a98cbeb8c41
SHA512: baf99760596e60cc58dbfb08b254293a8b74bb38eb70c4b47a152cc4fd573b5c782a982b35907d416367067f8256a883b7aa40c113a0377099fe8638fe173891
SSDEEP: 49152:LUAmvbzyUc4R917L8I0HmA8sWb5LhwnRES5cqhywRWaW3aw597Y9pB3Cn:QAW/TP1fA8vb5Gnegcayw45Ki9kb0n
Static task: static1
Behavioral task: behavioral1
Sample: 7ecf68b67578d1552e18e7122d59d0b6_JaffaCakes118.exe
Resource: win7-20240903-en
Malware Config
Targets
Target: 7ecf68b67578d1552e18e7122d59d0b6_JaffaCakes118
Score: 10/10
Signatures:
ModiLoader, DBatLoader
ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
Modiloader family
ModiLoader Second Stage
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.
Suspicious use of NtSetInformationThreadHideFromDebugger