General
Target
22de26dd8e95003da48d92d16f72db47_JaffaCakes118
Size
319KB
Sample
240703-szy9tawfna
MD5
22de26dd8e95003da48d92d16f72db47
SHA1
b7bf2cfa53517fe1dfa65f9a434b44253beead76
SHA256
5981aad204806f3f7c61c61d3848c15d33d235fd27e422801f4973a561aec07f
SHA512
ff4bbef017276c69ef517b87af6c69ffbb79faf0dcf537d45f8761b3bd46f129cf73d959b81dd136327693e58b2deefbae489bc4d765f0aeb4068dcd500fdee2
SSDEEP
6144:TGyjnBSkuV1d4eZd88ORJIf/wTBV53tpc27BoS2:iYnBSkuVUeZdYqwTPloS
Behavioral task
behavioral1
Sample
22de26dd8e95003da48d92d16f72db47_JaffaCakes118.exe
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
22de26dd8e95003da48d92d16f72db47_JaffaCakes118.exe
Resource
win10v2004-20240508-en
Targets
Target
22de26dd8e95003da48d92d16f72db47_JaffaCakes118
Score
10/10
ModiLoader, DBatLoader
ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
ModiLoader Second Stage
Loads dropped DLL
Adds Run key to start application
MITRE ATT&CK Enterprise v15
Privilege Escalation
Abuse Elevation Control Mechanism
1
Bypass User Account Control
1
Boot or Logon Autostart Execution
1
Registry Run Keys / Startup Folder
1