General
-
Target
029a7db15bc7043ac96b6bfaad802f6d_JaffaCakes118
-
Size
3.5MB
-
Sample
240620-ehqz8axelg
-
MD5
029a7db15bc7043ac96b6bfaad802f6d
-
SHA1
03f47d8258ecafe09fc7044999271f9b8e2c9368
-
SHA256
c479b75d73c77b3c5aed7602e6b25f954c82161a7690a689b4cba7ebbd5f09e2
-
SHA512
9deb706d0eeebd6ff95f6a5936adecd5721197282276525e724354bc67c1f27173134b1d53aa3ff23dc55394d330e68907f9ed3f9aaedb69b0dcd89614564ebb
-
SSDEEP
98304:11Pkva2R5bDVYPpXwVzSJUrD6/3DVRDp/HyuzLo:11PkyobD6p0mWW/fDVNc
Static task
static1
Behavioral task
behavioral1
Sample
029a7db15bc7043ac96b6bfaad802f6d_JaffaCakes118.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
029a7db15bc7043ac96b6bfaad802f6d_JaffaCakes118.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
-
-
Target
029a7db15bc7043ac96b6bfaad802f6d_JaffaCakes118
-
Size
3.5MB
-
MD5
029a7db15bc7043ac96b6bfaad802f6d
-
SHA1
03f47d8258ecafe09fc7044999271f9b8e2c9368
-
SHA256
c479b75d73c77b3c5aed7602e6b25f954c82161a7690a689b4cba7ebbd5f09e2
-
SHA512
9deb706d0eeebd6ff95f6a5936adecd5721197282276525e724354bc67c1f27173134b1d53aa3ff23dc55394d330e68907f9ed3f9aaedb69b0dcd89614564ebb
-
SSDEEP
98304:11Pkva2R5bDVYPpXwVzSJUrD6/3DVRDp/HyuzLo:11PkyobD6p0mWW/fDVNc
Score10/10-
ModiLoader, DBatLoader
ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
-
ModiLoader Second Stage
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-