General
-
Target
8b22d40166f7316a7c8ae0375f60e984_JaffaCakes118
-
Size
80KB
-
Sample
241103-m3tkvasdqa
-
MD5
8b22d40166f7316a7c8ae0375f60e984
-
SHA1
3c2c700ce1553b6d96cf1f83f280acd7bca6f143
-
SHA256
c30de93ba586648ea6b3c897840d1a3a11ae1962c11ac15e82ba153d271e54fe
-
SHA512
e7f035678ff593dbf90c810634c33428be074f6d41cd0e3f14a1a6a2990b30ae31ceceec0077144b7f8a5531bb330783316ae982168513946c8b95c1da9f73fb
-
SSDEEP
1536:4q6u9kHqyY71zdfMIn8ofsx3MfwzjNO6HPG1ab/K/xypMcUwjgVU/eDSWqESb3:4qMqXxdEaKhSwnVPG1aDK/spMhwsDSWq
Static task
static1
Behavioral task
behavioral1
Sample
8b22d40166f7316a7c8ae0375f60e984_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
8b22d40166f7316a7c8ae0375f60e984_JaffaCakes118.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
8b22d40166f7316a7c8ae0375f60e984_JaffaCakes118
-
Size
80KB
-
MD5
8b22d40166f7316a7c8ae0375f60e984
-
SHA1
3c2c700ce1553b6d96cf1f83f280acd7bca6f143
-
SHA256
c30de93ba586648ea6b3c897840d1a3a11ae1962c11ac15e82ba153d271e54fe
-
SHA512
e7f035678ff593dbf90c810634c33428be074f6d41cd0e3f14a1a6a2990b30ae31ceceec0077144b7f8a5531bb330783316ae982168513946c8b95c1da9f73fb
-
SSDEEP
1536:4q6u9kHqyY71zdfMIn8ofsx3MfwzjNO6HPG1ab/K/xypMcUwjgVU/eDSWqESb3:4qMqXxdEaKhSwnVPG1aDK/spMhwsDSWq
Score10/10-
ModiLoader, DBatLoader
ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
-
Modiloader family
-
ModiLoader Second Stage
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-