General
-
Target
99facbae68757132afad6e4ecacf75e0_JaffaCakes118
-
Size
732KB
-
Sample
241125-hzev3avmh1
-
MD5
99facbae68757132afad6e4ecacf75e0
-
SHA1
02c7027ea8811076d2ff311cca039fe3cc7be0ef
-
SHA256
c52469ac3cff3ac6aef129e81a1f17930d96928f75fad1306389f621bec52812
-
SHA512
6d2d4da6c1ddc1ab7b65575dc69d133691c755ecc87a60c9e237c4eb79ee8531aaf202e418e186380428f6455762a806bec32e828555e5d496f6dd72bdcc0b24
-
SSDEEP
12288:29Ec//////twtcatGl74KJB/GgwDIM2q1x5ud3flgSTZ6DKqMTGQhTst43i9XXc:2Ec//////twtf+7dJNvQhx5udXTcjYs+
Static task
static1
Behavioral task
behavioral1
Sample
99facbae68757132afad6e4ecacf75e0_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
99facbae68757132afad6e4ecacf75e0_JaffaCakes118.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
99facbae68757132afad6e4ecacf75e0_JaffaCakes118
-
Score
10/10
-
ModiLoader, DBatLoader
ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
-
ModiLoader family
-
ModiLoader Second Stage
-
Suspicious use of SetThreadContext
-