General
-
Target
f91f409fb844a0b7c3f07f6d9f206172_JaffaCakes118
-
Size
594KB
-
Sample
240926-ysmv4aydqa
-
MD5
f91f409fb844a0b7c3f07f6d9f206172
-
SHA1
73d2e97865e4b684ca70883ffee964499572d63b
-
SHA256
75da0bdb1e7cc96188967e5985229908009b8dc3e61a7b1cd64507fdf0d9ac53
-
SHA512
be85bd27fa4a1df9876e02ca5de49475093f35aed0ba456fbc5a0c809cd3d8a54f8c6a4c88ba619ee41c3315ebea26c7fe21798d0aa14f4caf3ef3326b7621c9
-
SSDEEP
12288:eIfGYbfS7Q10VyhvXoZ4JF3Z4mxxT6hss9+ChYR1A:eI3LS4hvXosQmXT+ssMEOA
Static task
static1
Behavioral task
behavioral1
Sample
f91f409fb844a0b7c3f07f6d9f206172_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
f91f409fb844a0b7c3f07f6d9f206172_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
f91f409fb844a0b7c3f07f6d9f206172_JaffaCakes118
-
Size
594KB
-
MD5
f91f409fb844a0b7c3f07f6d9f206172
-
SHA1
73d2e97865e4b684ca70883ffee964499572d63b
-
SHA256
75da0bdb1e7cc96188967e5985229908009b8dc3e61a7b1cd64507fdf0d9ac53
-
SHA512
be85bd27fa4a1df9876e02ca5de49475093f35aed0ba456fbc5a0c809cd3d8a54f8c6a4c88ba619ee41c3315ebea26c7fe21798d0aa14f4caf3ef3326b7621c9
-
SSDEEP
12288:eIfGYbfS7Q10VyhvXoZ4JF3Z4mxxT6hss9+ChYR1A:eI3LS4hvXosQmXT+ssMEOA
Score10/10-
ModiLoader, DBatLoader
ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
-
ModiLoader Second Stage
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops autorun.inf file
Malware can abuse Windows Autorun to spread further via attached volumes.
-