Analysis
-
max time kernel
149s -
max time network
152s -
platform
windows10-2004_x64 -
resource
win10v2004-20240226-en -
resource tags
arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system -
submitted
07/04/2024, 22:33
Static task
static1
Behavioral task
behavioral1
Sample
e602529aac54169210c8ecd845bd3ffc_JaffaCakes118.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
e602529aac54169210c8ecd845bd3ffc_JaffaCakes118.exe
Resource
win10v2004-20240226-en
General
-
Target
e602529aac54169210c8ecd845bd3ffc_JaffaCakes118.exe
-
Size
694KB
-
MD5
e602529aac54169210c8ecd845bd3ffc
-
SHA1
876355183667e6f875c13f632e5825af7e22e8f9
-
SHA256
94bde37cb59faa00dcfe9e16d6773bc22e468e531f09d4c946fe22dec49cf926
-
SHA512
2bfa932355c203b8d5b5cd29f606454f5c98387ac0643ce9a71ad75c6907d7659b62fc1d589402067abe73486c5ccd3556e54fa39c4a0c85a106c81af044e60c
-
SSDEEP
12288:OlaDZ6+Eis2xF7S3/6nYpH5hQVsqjGhH/LGE99hbO:OsD8GxF4FpHPYj+HTGEDVO
Malware Config
Signatures
-
ModiLoader, DBatLoader
ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
-
ModiLoader First Stage 1 IoCs
resource yara_rule behavioral2/memory/1540-2-0x0000000002380000-0x000000000239B000-memory.dmp modiloader_stage1