General
-
Target
75e42902bc8d9f2c8d856b565f800223_JaffaCakes118
-
Size
268KB
-
Sample
240726-1tzmdsxckp
-
MD5
75e42902bc8d9f2c8d856b565f800223
-
SHA1
853b6ca6439f5041f17332fb33106477a9809eb7
-
SHA256
f6b42240ce066396715329e5c502a86a715fcd8c3217597926a3c95ca928518f
-
SHA512
c76da052e4d53f9b01c3e0289bf2842595f7134c53b243064f5ec69c818f839e9e1d72ce61d5f96b0c64f0fbff81ae3fd3c1e5b2a8aca199a6a31fd7abcb606a
-
SSDEEP
6144:Ev1nCsqQoNSWiwassZFbuPZYHNv/5rH4+af2rJpT/YSnNBz4:unCs2sqascFQqtv/V4NfkJpT/L
Behavioral task
behavioral1
Sample
75e42902bc8d9f2c8d856b565f800223_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
75e42902bc8d9f2c8d856b565f800223_JaffaCakes118.exe
Resource
win10v2004-20240709-en
Malware Config
Targets
-
-
Target
75e42902bc8d9f2c8d856b565f800223_JaffaCakes118
-
Size
268KB
-
MD5
75e42902bc8d9f2c8d856b565f800223
-
SHA1
853b6ca6439f5041f17332fb33106477a9809eb7
-
SHA256
f6b42240ce066396715329e5c502a86a715fcd8c3217597926a3c95ca928518f
-
SHA512
c76da052e4d53f9b01c3e0289bf2842595f7134c53b243064f5ec69c818f839e9e1d72ce61d5f96b0c64f0fbff81ae3fd3c1e5b2a8aca199a6a31fd7abcb606a
-
SSDEEP
6144:Ev1nCsqQoNSWiwassZFbuPZYHNv/5rH4+af2rJpT/YSnNBz4:unCs2sqascFQqtv/V4NfkJpT/L
-
ModiLoader, DBatLoader
ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
-
Modifies WinLogon for persistence
-
ModiLoader Second Stage
-
Deletes itself
-
Indicator Removal: File Deletion
Adversaries may delete files left behind by the actions of their intrusion activity.
-