General
Target: 16434173272d0fd623cedc921d936a46_JaffaCakes118
Size: 1.3MB
Sample: 240627-rbwy4sxarl
MD5: 16434173272d0fd623cedc921d936a46
SHA1: 5f2320049e1f0fc4b9527e74e0df7afdc9ca32ee
SHA256: ec86a8cd7e2305d09792297115d080699ecddf8c080e916d6b1dbe06e1a6cd54
SHA512: da3fb6e7ef8eea6cbbb73ce6f4a11c2c9ace0ab85292bcf542908dc7b4748fae88e09d6685352e5ac5f6cf11a4fe66d48b638c00559c0ab7cda97b901fe84d1a
SSDEEP: 24576:kJfF2OuAfeCGStKypZzIn/UdRC0d49N/MP80yDDyqZqej0EukVd5:kLnxgAuninQZMJyyoh0Ezd
Behavioral task: behavioral1
Sample: 16434173272d0fd623cedc921d936a46_JaffaCakes118.exe
Resource: win7-20240611-en
Behavioral task: behavioral2
Sample: 16434173272d0fd623cedc921d936a46_JaffaCakes118.exe
Resource: win10v2004-20240226-en
Malware Config
Targets
Target: 16434173272d0fd623cedc921d936a46_JaffaCakes118
Size: 1.3MB (MD5, SHA1, SHA256, SHA512 and SSDEEP identical to the General section above)
Score: 10/10
Family: ModiLoader (also tracked as DBatLoader)
ModiLoader is a Delphi-written loader that abuses legitimate cloud file-hosting services (Google Drive and OneDrive are commonly observed) to stage and download its follow-on payloads, typically commodity stealers and remote-access trojans.
- ModiLoader Second Stage
- Loads dropped DLL
- Adds Run key to start application
MITRE ATT&CK Matrix (ATT&CK v13; hit counts in parentheses)
Privilege Escalation
- Abuse Elevation Control Mechanism, T1548 (1): Bypass User Account Control, T1548.002 (1)
- Boot or Logon Autostart Execution, T1547 (1): Registry Run Keys / Startup Folder, T1547.001 (1)
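The "Adds Run key to start application" signature and the Registry Run Keys / Startup Folder (T1547.001) entry in the matrix are the report's persistence evidence. The script below is an added detection example, not part of the sandbox output: it runs over Sysmon Event ID 13 (registry value set) and Event ID 11 (file created) records, flags autostart entries under the Run/RunOnce family of keys and files dropped into a Startup folder, and rates a hit higher when the program that will run at logon lives in a user-writable drop directory such as %APPDATA% or %TEMP%. The sample events, paths, SID and the value name Updater are constructed assumptions for illustration and were not observed from this sample.

```python
"""Hunt Sysmon telemetry for Run-key / Startup-folder persistence (ATT&CK T1547.001).

Added example for this report, not part of the sandbox output. Input events are
already-parsed Sysmon EventData fields (as a SIEM would export them); the sample
events below are constructed, and every path, SID and value name in them is
hypothetical rather than taken from the analysed sample.
"""
import re
from dataclasses import dataclass

# Registry locations that auto-start a program at logon. TargetObject is
# upper-cased before matching, so HKLM/HKU, Wow6432Node and RunOnce variants
# collapse into one pattern. The trailing [^\\]+$ means "a value under the key",
# so a process merely opening or enumerating the key itself does not fire.
RUN_KEY_RE = re.compile(
    r"\\SOFTWARE\\(WOW6432NODE\\)?MICROSOFT\\WINDOWS\\CURRENTVERSION\\"
    r"(RUN|RUNONCE|RUNONCEEX|RUNSERVICES|RUNSERVICESONCE|POLICIES\\EXPLORER\\RUN)"
    r"\\[^\\]+$"
)
# Per-user and all-users Startup folders, matched against a created file (Event ID 11).
STARTUP_DIR_RE = re.compile(r"\\MICROSOFT\\WINDOWS\\START MENU\\PROGRAMS\\STARTUP\\[^\\]+$")
# Locations a loader typically drops into; an autostart entry pointing here, or a
# Startup-folder file written by a binary running from here, is the stronger signal.
USER_WRITABLE_RE = re.compile(r"\\(APPDATA|TEMP|PROGRAMDATA|PUBLIC|DOWNLOADS)\\")


@dataclass
class Finding:
    event_id: int        # 13 = registry value set, 11 = file created
    image: str           # process that made the change
    location: str        # registry value path or created file
    payload: str         # what will run at logon
    high_confidence: bool


def is_run_key(target_object: str) -> bool:
    """True if a Sysmon TargetObject is a value under a Run/RunOnce-style key."""
    return RUN_KEY_RE.search(target_object.upper()) is not None


def is_startup_folder_file(target_filename: str) -> bool:
    """True if a Sysmon TargetFilename lies directly in a Startup folder."""
    return STARTUP_DIR_RE.search(target_filename.upper()) is not None


def in_user_writable_dir(path: str) -> bool:
    """True if the path (or command line) references a user-writable drop directory."""
    return USER_WRITABLE_RE.search(path.upper()) is not None


def find_autostart_persistence(events) -> list:
    """Return a Finding for every event that establishes T1547.001 persistence."""
    findings = []
    for ev in events:
        eid = ev.get("EventID")
        if eid == 13 and is_run_key(ev.get("TargetObject", "")):
            details = ev.get("Details", "")
            findings.append(Finding(13, ev.get("Image", ""), ev["TargetObject"],
                                    details, in_user_writable_dir(details)))
        elif eid == 11 and is_startup_folder_file(ev.get("TargetFilename", "")):
            image = ev.get("Image", "")
            findings.append(Finding(11, image, ev["TargetFilename"],
                                    ev["TargetFilename"], in_user_writable_dir(image)))
    return findings


# Constructed sample telemetry (hypothetical paths and names, not from the sandbox run).
SAMPLE_EVENTS = [
    {   # loader running from %TEMP% registers a copy of itself under HKCU ...\Run
        "EventID": 13, "Image": r"C:\Users\victim\AppData\Local\Temp\sample.exe",
        "TargetObject": r"HKU\S-1-5-21-1000-2000-3000-1001\Software\Microsoft\Windows\CurrentVersion\Run\Updater",
        "Details": r"C:\Users\victim\AppData\Roaming\Updater\updater.exe",
    },
    {   # legitimate installer adding a tray helper under Program Files (benign noise)
        "EventID": 13, "Image": r"C:\Program Files\Vendor\setup.exe",
        "TargetObject": r"HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\VendorTray",
        "Details": r'"C:\Program Files (x86)\Vendor\tray.exe" /background',
    },
    {   # Explorer touching a Shell Folders value: under CurrentVersion, but not a Run key
        "EventID": 13, "Image": r"C:\Windows\explorer.exe",
        "TargetObject": r"HKU\S-1-5-21-1000-2000-3000-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders\Startup",
        "Details": r"C:\Users\victim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup",
    },
    {   # same loader dropping a shortcut into the per-user Startup folder
        "EventID": 11, "Image": r"C:\Users\victim\AppData\Local\Temp\sample.exe",
        "TargetFilename": r"C:\Users\victim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\updater.lnk",
    },
    {   # unrelated file creation
        "EventID": 11, "Image": r"C:\Windows\System32\svchost.exe",
        "TargetFilename": r"C:\Windows\Temp\log.txt",
    },
]

if __name__ == "__main__":
    for f in find_autostart_persistence(SAMPLE_EVENTS):
        tag = "HIGH" if f.high_confidence else "low "
        print(f"[{tag}] EID {f.event_id} {f.image} -> {f.location} = {f.payload}")
```

On a real host Sysmon only emits Event ID 13 for keys covered by a RegistryEvent rule, so the Run/RunOnce and Policies\Explorer\Run paths above need to be in the Sysmon configuration for this to see anything. The field names used (EventID, Image, TargetObject, Details, TargetFilename) are the standard Sysmon EventData names, so a JSON export from a SIEM can be fed in directly after converting EventID to an integer.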