General
-
Target
17998d24af97abd9c3be708782a2bbc7_JaffaCakes118
-
Size
709KB
-
Sample
240627-1ctd2ssbjb
-
MD5
17998d24af97abd9c3be708782a2bbc7
-
SHA1
42fa7d132fec95e079531a3c2125f9802dc91bab
-
SHA256
28c93ea949a20acdd994bee18d49b3ba06d4de65c267c118d1bb4b6fa426fe88
-
SHA512
c79ed098462649163879b0301362d96ff868a043bc197a1ed2c54d34a8883de743ab56f4d9debb80fcd14f272d93c7c214c08cc9efad53aed6cf779ce023a54d
-
SSDEEP
12288:IuVPp3it+wX+jrslZO0bO8d/8+JaeCzF3Z4mxxexyIypeJiLbfjtWLI:HAZrbli+JSQmXK1Qf5
Static task
static1
Behavioral task
behavioral1
Sample
17998d24af97abd9c3be708782a2bbc7_JaffaCakes118.exe
Resource
win7-20240611-en
Behavioral task
behavioral2
Sample
17998d24af97abd9c3be708782a2bbc7_JaffaCakes118.exe
Resource
win10v2004-20240611-en
Malware Config
Targets
-
-
Target
17998d24af97abd9c3be708782a2bbc7_JaffaCakes118
Score
10/10
-
ModiLoader, DBatLoader
ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
-
ModiLoader Second Stage
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops autorun.inf file
Malware can abuse Windows Autorun to spread further via attached volumes.
-
Drops file in System32 directory
-