General
-
Target
9c7bc55eab954749fe30c024051387e3_JaffaCakes118
-
Size
833KB
-
Sample
241125-tb5blatrav
-
MD5
9c7bc55eab954749fe30c024051387e3
-
SHA1
a6ba5e8d172ac91ba8473d32919f94e0dd615a8e
-
SHA256
5a2a4c83b09301c0f1d1dac46839d472602531342a1896c9fad3733bf1fcfe88
-
SHA512
70b08e7dd40b1cfdb1243d10ded0ed3f9471d340d328146da1cdd2b0b3a63d7febf7a20b0620061f60066e7981bc7522b385db124ea4219aa3a63a6b7dc9a2d8
-
SSDEEP
12288:sIZIJ8lG4FMng6oWoMtmo2vay2oRzSMlpQwxBcdpVAfgR3HD0uPF6Izrmmjhdg9O:/ZIJ8lG4Fj6oWoMbSayVlpMFJhd6Ib
Static task
static1
Behavioral task
behavioral1
Sample
9c7bc55eab954749fe30c024051387e3_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
9c7bc55eab954749fe30c024051387e3_JaffaCakes118.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
Target
9c7bc55eab954749fe30c024051387e3_JaffaCakes118
-
Score
10/10
-
ModiLoader, DBatLoader
ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
-
Modiloader family
-
ModiLoader Second Stage
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-