General
Target: 812910d24e02ca6148329467d312b9d8_JaffaCakes118
Size: 15KB
Sample: 241031-cpmv2axejq
MD5: 812910d24e02ca6148329467d312b9d8
SHA1: d687f964af84a2faa14944eb16bc1e8de5517d70
SHA256: 11bc0354de82a6f239dd747ed076ccc6c79744273d6f84909e7bff944a3d221b
SHA512: d8f3c93150ae2eed370a9709034ab8dccb943d0bf2eb63a2f23ffcd5cffb0f2dd4a2a302750f48a8012eb92f962a36fae68e810d0b94245c42a06bad11cebeb5
SSDEEP: 384:Cy2GE954szZ3QYNTvq0lzwDtJcq3PTu7JnYHbE+MFDGa2dRQ:D239G+Nvkkq3PTbHblU2dK
Static task: static1
Behavioral task: behavioral1
  Sample: 812910d24e02ca6148329467d312b9d8_JaffaCakes118.exe
  Resource: win7-20241010-en
Behavioral task: behavioral2
  Sample: 812910d24e02ca6148329467d312b9d8_JaffaCakes118.exe
  Resource: win10v2004-20241007-en
Malware Config
Targets
- Target: 812910d24e02ca6148329467d312b9d8_JaffaCakes118
  Size: 15KB
  MD5: 812910d24e02ca6148329467d312b9d8
  SHA1: d687f964af84a2faa14944eb16bc1e8de5517d70
  SHA256: 11bc0354de82a6f239dd747ed076ccc6c79744273d6f84909e7bff944a3d221b
  SHA512: d8f3c93150ae2eed370a9709034ab8dccb943d0bf2eb63a2f23ffcd5cffb0f2dd4a2a302750f48a8012eb92f962a36fae68e810d0b94245c42a06bad11cebeb5
  SSDEEP: 384:Cy2GE954szZ3QYNTvq0lzwDtJcq3PTu7JnYHbE+MFDGa2dRQ:D239G+Nvkkq3PTbHblU2dK
Score: 10/10
- ModiLoader, DBatLoader
  ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
- Modiloader family
- ModiLoader Second Stage
- Deletes itself
- Executes dropped EXE
- Indicator Removal: File Deletion
  Adversaries may delete files left behind by the actions of their intrusion activity.
- Suspicious use of SetThreadContext