General
- Target: 1e98529aab8fc6d0a5ec8d2d60c72684_JaffaCakes118
- Size: 1.3MB
- Sample: 240702-j4e73ateje
- MD5: 1e98529aab8fc6d0a5ec8d2d60c72684
- SHA1: 05b9c8e59a2a467f22aafe80798e27d0dc5ca0e0
- SHA256: 6cab8d7e1c929f339d44e4ae123317d08fc96edf6d01f29e7f8e3b3dbf902fa3
- SHA512: ab3b28fe7fad8ea272916e31b95206a3eec5fe9618131e6a04d219c31ebae3b083ac02030459a82dbae8e24b1d791ea49f19162fce364c3ff37983caa0aa4ea8
- SSDEEP: 24576:dYsafoPA8uzdIc6mGU2Zoc3AnoosgsXc4qx4hmjOaDk5UKQd//:ynf58uJGKeInscxsmyD
Behavioral task: behavioral1
- Sample: 1e98529aab8fc6d0a5ec8d2d60c72684_JaffaCakes118.exe
- Resource: win7-20240611-en
Behavioral task: behavioral2
- Sample: 1e98529aab8fc6d0a5ec8d2d60c72684_JaffaCakes118.exe
- Resource: win10v2004-20240508-en
Malware Config
Targets
- Target: 1e98529aab8fc6d0a5ec8d2d60c72684_JaffaCakes118 (1.3MB; MD5/SHA1/SHA256/SHA512/SSDEEP as listed under General above)
- Score: 10/10
- Family: ModiLoader, DBatLoader
  ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
- Signatures:
  - ModiLoader Second Stage
  - Deletes itself
  - Executes dropped EXE
  - Adds Run key to start application
MITRE ATT&CK Matrix (ATT&CK v13)
Privilege Escalation
- Abuse Elevation Control Mechanism (1)
  - Bypass User Account Control (1)
- Boot or Logon Autostart Execution (1)
  - Registry Run Keys / Startup Folder (1)