General
Target: 9acc6ff628e85d8ef924207f99afb342_JaffaCakes118
Size: 152KB
Sample: 241125-l2w4xa1mat
MD5: 9acc6ff628e85d8ef924207f99afb342
SHA1: 0b06b6cd64ad5924950fb25f378c42fff6894c24
SHA256: dbe55d46ca4d0b24e35dfe1057753922d46c994e5b0bfccb664cec7642976c05
SHA512: 5930f80edcab6ab5e2b3481a5acc269d174f662f037e9a281ec2d60545cb68af833ed58abb57fb8bdace4b0564323f8b571377af32d77f56a95c7a9565483492
SSDEEP: 1536:c1DMz1DQvXLq6t7awFONecenlLnQHIG5R9c73P600t:9eGw9A0rC00t
Static task: static1
Behavioral task: behavioral1
  Sample: 9acc6ff628e85d8ef924207f99afb342_JaffaCakes118.exe
  Resource: win7-20241010-en
Behavioral task: behavioral2
  Sample: 9acc6ff628e85d8ef924207f99afb342_JaffaCakes118.exe
  Resource: win10v2004-20241007-en
Malware Config
Targets
Target: 9acc6ff628e85d8ef924207f99afb342_JaffaCakes118
Size: 152KB
MD5: 9acc6ff628e85d8ef924207f99afb342
SHA1: 0b06b6cd64ad5924950fb25f378c42fff6894c24
SHA256: dbe55d46ca4d0b24e35dfe1057753922d46c994e5b0bfccb664cec7642976c05
SHA512: 5930f80edcab6ab5e2b3481a5acc269d174f662f037e9a281ec2d60545cb68af833ed58abb57fb8bdace4b0564323f8b571377af32d77f56a95c7a9565483492
SSDEEP: 1536:c1DMz1DQvXLq6t7awFONecenlLnQHIG5R9c73P600t:9eGw9A0rC00t
Score: 10/10
ModiLoader, DBatLoader
ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
- Modiloader family
- ModiLoader Second Stage
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
- Suspicious use of SetThreadContext