General
- Target: 9deb78430bb2da07d021066aeefb6803_JaffaCakes118
- Size: 1.0MB
- Sample: 241125-z16tlstkcq
- MD5: 9deb78430bb2da07d021066aeefb6803
- SHA1: a73a3a89b4d3eba148eec98e8aa707eb0001b6eb
- SHA256: 6592a1c278b3c65f61c2f05022aa8a7d3ddba1db39f2716f7f145a17325b59ff
- SHA512: c8c4b1a88d440ffc23e0da1eb9209401191dd10251fbe4089e0eabde97d00a02e11e5c4a770792b6757ea22f7abd67335e0ab5391302497e93f8058eda96f580
- SSDEEP: 24576:/eDQmXATejKj58fH7+VO5DFzdHL8GOAKOq1WQW2pwnipa7K:20mwejamH7+gJzV8nWQWbi07K
Static task: static1

Behavioral task: behavioral1
- Sample: 9deb78430bb2da07d021066aeefb6803_JaffaCakes118.exe
- Resource: win7-20241010-en

Behavioral task: behavioral2
- Sample: 9deb78430bb2da07d021066aeefb6803_JaffaCakes118.exe
- Resource: win10v2004-20241007-en
Malware Config

Targets
- Target: 9deb78430bb2da07d021066aeefb6803_JaffaCakes118
- Size: 1.0MB
- MD5: 9deb78430bb2da07d021066aeefb6803
- SHA1: a73a3a89b4d3eba148eec98e8aa707eb0001b6eb
- SHA256: 6592a1c278b3c65f61c2f05022aa8a7d3ddba1db39f2716f7f145a17325b59ff
- SHA512: c8c4b1a88d440ffc23e0da1eb9209401191dd10251fbe4089e0eabde97d00a02e11e5c4a770792b6757ea22f7abd67335e0ab5391302497e93f8058eda96f580
- SSDEEP: 24576:/eDQmXATejKj58fH7+VO5DFzdHL8GOAKOq1WQW2pwnipa7K:20mwejamH7+gJzV8nWQWbi07K
Score: 10/10

ModiLoader, DBatLoader
ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.

- Modiloader family
- ModiLoader Second Stage
- Drops file in Drivers directory
- Checks computer location settings: looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL