General
-
Target
e90e04d1b158166cde595a5a4b8a7565_JaffaCakes118
-
Size
169KB
-
Sample
240918-n1hk8szflq
-
MD5
e90e04d1b158166cde595a5a4b8a7565
-
SHA1
c2d0531b612d78e29eefa060a007d500ca734b50
-
SHA256
0158f8481620630ff2773d12a95731a090fd782b1b3425eb199282729995bcf3
-
SHA512
c6941e7a8cdfe6c6f042d0df7f57314a11cbc87262dd1c297dee6d518e6cf21241ac423dabf32e76d20345e3c9ea72e115e3ee907d84312e4e79af8ab91c6de5
-
SSDEEP
3072:l18Rkbrg4xQanJgIdkS8eaSeHy53u621mOQHgf1rgJoVPhJjnkRdXxajCW8FbfwP:uu31taSeHm3PvOQAf1kJchJjw5xajSFy
Behavioral task
behavioral1
Sample
e90e04d1b158166cde595a5a4b8a7565_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
e90e04d1b158166cde595a5a4b8a7565_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
e90e04d1b158166cde595a5a4b8a7565_JaffaCakes118
-
Size
169KB
-
MD5
e90e04d1b158166cde595a5a4b8a7565
-
SHA1
c2d0531b612d78e29eefa060a007d500ca734b50
-
SHA256
0158f8481620630ff2773d12a95731a090fd782b1b3425eb199282729995bcf3
-
SHA512
c6941e7a8cdfe6c6f042d0df7f57314a11cbc87262dd1c297dee6d518e6cf21241ac423dabf32e76d20345e3c9ea72e115e3ee907d84312e4e79af8ab91c6de5
-
SSDEEP
3072:l18Rkbrg4xQanJgIdkS8eaSeHy53u621mOQHgf1rgJoVPhJjnkRdXxajCW8FbfwP:uu31taSeHm3PvOQAf1kJchJjw5xajSFy
Score10/10-
ModiLoader, DBatLoader
ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
-
ModiLoader Second Stage
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops desktop.ini file(s)
-