General
-
Target
e967220457c9f05f70ac25603cf09de8_JaffaCakes118
-
Size
321KB
-
Sample
240918-smf8gaxfmf
-
MD5
e967220457c9f05f70ac25603cf09de8
-
SHA1
30073ca2e394ea9c04f2263011946d0df3175620
-
SHA256
7f43ff336dd90345c3d56e7c19b5fbd2b62d787baff30463a52500e25bca840f
-
SHA512
bdccceb38c1e991f804ae5f762c2df9da3ee4ad923c599e68f25147d6ae2fcee08376ae348b2bb22fb5b774495228d903ab82e2ac3c9dcbe3965b515c7d449dc
-
SSDEEP
6144:QGyjnBSkuV1d4eZd88ORJIf/wTBV53k3uYo2qWoR+dmhpc5foS:bYnBSkuVUeZdYqwT23uYo2qWoR+dmhGZ
Behavioral task
behavioral1
Sample
e967220457c9f05f70ac25603cf09de8_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
e967220457c9f05f70ac25603cf09de8_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
e967220457c9f05f70ac25603cf09de8_JaffaCakes118
-
Size
321KB
-
MD5
e967220457c9f05f70ac25603cf09de8
-
SHA1
30073ca2e394ea9c04f2263011946d0df3175620
-
SHA256
7f43ff336dd90345c3d56e7c19b5fbd2b62d787baff30463a52500e25bca840f
-
SHA512
bdccceb38c1e991f804ae5f762c2df9da3ee4ad923c599e68f25147d6ae2fcee08376ae348b2bb22fb5b774495228d903ab82e2ac3c9dcbe3965b515c7d449dc
-
SSDEEP
6144:QGyjnBSkuV1d4eZd88ORJIf/wTBV53k3uYo2qWoR+dmhpc5foS:bYnBSkuVUeZdYqwT23uYo2qWoR+dmhGZ
Score10/10-
ModiLoader, DBatLoader
ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
-
ModiLoader Second Stage
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Abuse Elevation Control Mechanism
1Bypass User Account Control
1Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Abuse Elevation Control Mechanism
1Bypass User Account Control
1Impair Defenses
1Disable or Modify Tools
1Modify Registry
3