General
-
Target
251db191002d681b4ff09a000044cbd8_JaffaCakes118
-
Size
1.3MB
-
Sample
240704-jbm27ssgpb
-
MD5
251db191002d681b4ff09a000044cbd8
-
SHA1
8d8b633fbd506999a6b1edb16005131f8dd48518
-
SHA256
32d0bc05e9cd5f501e360713c00463657abc07720fd86aeaf329f658e84fec62
-
SHA512
cd24c5533db103150a688cc51801cc626f884d30a203fd7eb155497c1e2d4e0d46a26363cc5edf7ee8f293e9cd58c5add728dd3725fb727ea62da3abf39de5d2
-
SSDEEP
24576:pUyEFB27XmWTp9icxwJgBag/3wbdCrPQzv5s0DJksUoUc52qSQWNqiV:2/orp9y5gfwbdgSGa7cMWV
Behavioral task
behavioral1
Sample
251db191002d681b4ff09a000044cbd8_JaffaCakes118.exe
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
251db191002d681b4ff09a000044cbd8_JaffaCakes118.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
-
-
Target
251db191002d681b4ff09a000044cbd8_JaffaCakes118
-
Size
1.3MB
-
MD5
251db191002d681b4ff09a000044cbd8
-
SHA1
8d8b633fbd506999a6b1edb16005131f8dd48518
-
SHA256
32d0bc05e9cd5f501e360713c00463657abc07720fd86aeaf329f658e84fec62
-
SHA512
cd24c5533db103150a688cc51801cc626f884d30a203fd7eb155497c1e2d4e0d46a26363cc5edf7ee8f293e9cd58c5add728dd3725fb727ea62da3abf39de5d2
-
SSDEEP
24576:pUyEFB27XmWTp9icxwJgBag/3wbdCrPQzv5s0DJksUoUc52qSQWNqiV:2/orp9y5gfwbdgSGa7cMWV
Score10/10-
ModiLoader, DBatLoader
ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
-
ModiLoader Second Stage
-
Executes dropped EXE
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Abuse Elevation Control Mechanism
1Bypass User Account Control
1Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1