General
-
Target
013dcfea0eff15673ebb1fb3eed7adbc_JaffaCakes118
-
Size
157KB
-
Sample
240619-3rr6msxdkd
-
MD5
013dcfea0eff15673ebb1fb3eed7adbc
-
SHA1
c9f3eae70d640888b87c56000fa347060967e8c3
-
SHA256
d708cc8a23586dfc31bb2563484f7068fdf58955611b6f1e40de93112eb4637f
-
SHA512
bbdd84afee83ac808392a8a6ede5167cc4481d9a1cc5ebbd2660bd251b93b8edc56277fc63bfc732b4e6d0700ec48ebb8013dedbebfbdeaf292f93f3114171de
-
SSDEEP
3072:DGbHwx3GsAFyQbXO0kwXmFRqAh+7QouCv8BATTy+zL9GwqRlcBapeEdmIMyXFD:DG7u6jrkwvKaXR0cyYLF6lcBapBdd1D
Behavioral task
behavioral1
Sample
013dcfea0eff15673ebb1fb3eed7adbc_JaffaCakes118.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
013dcfea0eff15673ebb1fb3eed7adbc_JaffaCakes118.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
-
-
Target
013dcfea0eff15673ebb1fb3eed7adbc_JaffaCakes118
-
Size
157KB
-
MD5
013dcfea0eff15673ebb1fb3eed7adbc
-
SHA1
c9f3eae70d640888b87c56000fa347060967e8c3
-
SHA256
d708cc8a23586dfc31bb2563484f7068fdf58955611b6f1e40de93112eb4637f
-
SHA512
bbdd84afee83ac808392a8a6ede5167cc4481d9a1cc5ebbd2660bd251b93b8edc56277fc63bfc732b4e6d0700ec48ebb8013dedbebfbdeaf292f93f3114171de
-
SSDEEP
3072:DGbHwx3GsAFyQbXO0kwXmFRqAh+7QouCv8BATTy+zL9GwqRlcBapeEdmIMyXFD:DG7u6jrkwvKaXR0cyYLF6lcBapBdd1D
Score10/10-
ModiLoader, DBatLoader
ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
-
ModiLoader Second Stage
-
Boot or Logon Autostart Execution: Active Setup
Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.
-
Impair Defenses: Safe Mode Boot
-
Adds Run key to start application
-