General

Target: cc67a023951e8052b745474313f1ae32_JaffaCakes118
Size: 238KB
Sample: 241206-l24traxqap
MD5: cc67a023951e8052b745474313f1ae32
SHA1: 786d7e7e1a0d28950a4366fdef9497cc4ae38d0d
SHA256: ed4336ebc814a516a87a96e284cb09b056a87b4303ca5f7eee03e631371ea9d8
SHA512: 5e5c774cb10f3c34a81f0c5921cb38b1917ae4043dfc0e50e287c61ce4ac9aa28c56dd1558f4e86a393cae5846d7a4ddb1fa2c658361c7398e19c51d8ea89e06
SSDEEP: 3072:mc/c5TSQz8eKG1pdc6dg/3k6Jny3j8TU9uuZmVIJMcF6GyKrdrnwL+:m1hB/Rdg/U6JnyAT9uBJTdEL+

Static task: static1

Behavioral task: behavioral1
  Sample: cc67a023951e8052b745474313f1ae32_JaffaCakes118.exe
  Resource: win7-20240708-en

Behavioral task: behavioral2
  Sample: cc67a023951e8052b745474313f1ae32_JaffaCakes118.exe
  Resource: win10v2004-20241007-en
Malware Config

Targets

Target: cc67a023951e8052b745474313f1ae32_JaffaCakes118
Size: 238KB
MD5: cc67a023951e8052b745474313f1ae32
SHA1: 786d7e7e1a0d28950a4366fdef9497cc4ae38d0d
SHA256: ed4336ebc814a516a87a96e284cb09b056a87b4303ca5f7eee03e631371ea9d8
SHA512: 5e5c774cb10f3c34a81f0c5921cb38b1917ae4043dfc0e50e287c61ce4ac9aa28c56dd1558f4e86a393cae5846d7a4ddb1fa2c658361c7398e19c51d8ea89e06
SSDEEP: 3072:mc/c5TSQz8eKG1pdc6dg/3k6Jny3j8TU9uuZmVIJMcF6GyKrdrnwL+:m1hB/Rdg/U6JnyAT9uBJTdEL+
Score: 10/10

Family: ModiLoader, DBatLoader
ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.

Signatures:
  Modiloader family
  ModiLoader Second Stage
  Loads dropped DLL
  Suspicious use of SetThreadContext
MITRE ATT&CK Enterprise v15

Privilege Escalation
  Abuse Elevation Control Mechanism (1)
    Bypass User Account Control (1)

Defense Evasion
  Abuse Elevation Control Mechanism (1)
    Bypass User Account Control (1)
  Impair Defenses (1)
    Disable or Modify Tools (1)
  Modify Registry (2)