General
-
Target
eedc7e53d411209c65fecb412ad0003e_JaffaCakes118
-
Size
685KB
-
Sample
240921-ce42kazeqn
-
MD5
eedc7e53d411209c65fecb412ad0003e
-
SHA1
34e9fc1f7a3cd815796f21b93c07d95cd8175b1c
-
SHA256
8fe99cf35b9f320e31d9084e7f0ca32fd0a86659154bee2de76b6470369c1b3c
-
SHA512
12c6d1856e615a9a1036ff936f104105884115f46d9890866b1ceeea3205ce744c709e2ec1431281c2b11c6ff59a44ba9d1937bead901417835d1de488aeb0ba
-
SSDEEP
12288:vJXAGTI10JLFxYQnb75ifKWX0PBSadXqtV77QZDVT58:BwGc0JLIQxiyBsweAVTu
Behavioral task
behavioral1
Sample
eedc7e53d411209c65fecb412ad0003e_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
eedc7e53d411209c65fecb412ad0003e_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
eedc7e53d411209c65fecb412ad0003e_JaffaCakes118
-
Score
10/10
-
ModiLoader, DBatLoader
ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
-
ModiLoader Second Stage
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops autorun.inf file
Malware can abuse Windows Autorun to spread further via attached volumes.
-