General
-
Target
08b98cea751df2f1a0b93c1026c98c62_JaffaCakes118
-
Size
706KB
-
Sample
240620-xama6ssamg
-
MD5
08b98cea751df2f1a0b93c1026c98c62
-
SHA1
059e9e6615c562af98d4505f12d3ae1f08b6ef67
-
SHA256
5f5e4235a44db94afdd2f9643e14f36d69f3854040270a78125529070d83e098
-
SHA512
6e5a248a0a84f3d44ee5a494e138313ccbd69a3cdabef0e7b23302df9164fc82a6d66c06d4e1042e48376ef79a72e3170dfe28e65317cac0de01ab5a49982dde
-
SSDEEP
12288:tLIqdYi+c5m3UtUV11g+V6WRoTG0WBSVXF3Z4mxxzDqVTVOCy:pIXc5m3UCN9V6qoT/W0XQmXaVTzy
Static task
static1
Behavioral task
behavioral1
Sample
08b98cea751df2f1a0b93c1026c98c62_JaffaCakes118.exe
Resource
win7-20240611-en
Behavioral task
behavioral2
Sample
08b98cea751df2f1a0b93c1026c98c62_JaffaCakes118.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
-
-
Target
08b98cea751df2f1a0b93c1026c98c62_JaffaCakes118
-
Size
706KB
-
MD5
08b98cea751df2f1a0b93c1026c98c62
-
SHA1
059e9e6615c562af98d4505f12d3ae1f08b6ef67
-
SHA256
5f5e4235a44db94afdd2f9643e14f36d69f3854040270a78125529070d83e098
-
SHA512
6e5a248a0a84f3d44ee5a494e138313ccbd69a3cdabef0e7b23302df9164fc82a6d66c06d4e1042e48376ef79a72e3170dfe28e65317cac0de01ab5a49982dde
-
SSDEEP
12288:tLIqdYi+c5m3UtUV11g+V6WRoTG0WBSVXF3Z4mxxzDqVTVOCy:pIXc5m3UCN9V6qoT/W0XQmXaVTzy
Score10/10-
ModiLoader, DBatLoader
ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
-
ModiLoader Second Stage
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Drops file in System32 directory
-