General
- Target: dda7edce12b4124dd7be6faf2843aea4_JaffaCakes118
- Size: 1.6MB
- Sample: 240913-evx93atepr
- MD5: dda7edce12b4124dd7be6faf2843aea4
- SHA1: a0f074733daa9e5715edd823186629ac3dd965b0
- SHA256: f2311764e12c512800409cc377a36af427a6a3359476433e4762cc677209d9ef
- SHA512: bf8b027719de6bda6b7416c45a9134bbbd4f8aca1e78c4b10c64c574d506589e75460199c5e7e4d4063eafe9ad0efdb0e083b90eefab2a3d220dddfba15a50d3
- SSDEEP: 24576:3cEqeoirXtjsFYCgVVtsFMQG/xkz0UuIViDY8Dy7uI7fQXIWoLm2I0dyV+oBMiXI:3cEqePV3e9C3HoC5JvY7j8mJhySlT
Static task
- static1
Behavioral task
- behavioral1
  - Sample: dda7edce12b4124dd7be6faf2843aea4_JaffaCakes118.exe
  - Resource: win7-20240903-en
Behavioral task
- behavioral2
  - Sample: dda7edce12b4124dd7be6faf2843aea4_JaffaCakes118.exe
  - Resource: win10v2004-20240802-en
Malware Config
- (none extracted)
Targets
- Target: dda7edce12b4124dd7be6faf2843aea4_JaffaCakes118
- Score: 10/10
- Signatures:
  - ModiLoader, DBatLoader: ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
  - ModiLoader Second Stage
  - Loads dropped DLL
  - Adds Run key to start application
MITRE ATT&CK Enterprise v15
Privilege Escalation
- Abuse Elevation Control Mechanism (1)
  - Bypass User Account Control (1)
- Boot or Logon Autostart Execution (1)
  - Registry Run Keys / Startup Folder (1)
Defense Evasion
- Abuse Elevation Control Mechanism (1)
  - Bypass User Account Control (1)
- Impair Defenses (1)
  - Disable or Modify Tools (1)
- Modify Registry (3)