General
- Target: 96c4b48fbbd9a7b2bd0f6d24e81ce358_JaffaCakes118
- Size: 82KB
- Sample: 241124-x9ck1s1pbl
- MD5: 96c4b48fbbd9a7b2bd0f6d24e81ce358
- SHA1: a601ad493e2ed62020cbc300b8128eebad9027e5
- SHA256: c0293e8b11f3cb206c37fdaf150b81f5f15d33f3a929b4ff8ec30dae248e53f5
- SHA512: 47947b802bb242049fac598e1ad6dafbd3aa7fdbc6db9423d3bf54e6922df6f4783f28c46472c47a62b9c94126947ebf26e00f72fe1e0ac509a70bed84207da4
- SSDEEP: 1536:mlj8JjgR2WyuZ+p77xtupPDtQXB5IY/25FnMbQFWvKUUEkZ4j63htmphCSaYEi8:8jPYRp77xtupPRQLGznzFWvzUNg0vmIx

Static task
- static1

Behavioral task
- behavioral1
  - Sample: 96c4b48fbbd9a7b2bd0f6d24e81ce358_JaffaCakes118.exe
  - Resource: win7-20240903-en

Behavioral task
- behavioral2
  - Sample: 96c4b48fbbd9a7b2bd0f6d24e81ce358_JaffaCakes118.exe
  - Resource: win10v2004-20241007-en
Malware Config

Targets
- Target: 96c4b48fbbd9a7b2bd0f6d24e81ce358_JaffaCakes118
- Score: 10/10
- Detections: ModiLoader, DBatLoader
  - ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
  - Modiloader family
  - ModiLoader Second Stage
  - Checks computer location settings: looks up the country code configured in the registry, likely a geofence.
  - Executes dropped EXE
  - Loads dropped DLL
  - Suspicious use of SetThreadContext