General

Target: JaffaCakes118_537b721d960ce3319156409c8dd4fd90
Size: 4.3MB
Sample: 250115-ls4gmayqbz
MD5: 537b721d960ce3319156409c8dd4fd90
SHA1: 52c3bc8bfa0e74d37dad7bead86b895c93669428
SHA256: 22f5967085d28b79dfa37b70707d1f1aa68887677301fb98237b49e13e56f56d
SHA512: 78be24b66965bbaa92380ded074f14c51795492f113f43ea77d73c5d8b0c0f1503573232e1f2710979272f3d78a80e899db4a3485ea99db0bc32833c93521946
SSDEEP: 24576:GEf7wqJoqeH1h+QUnws0MrnHsjofFsZeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeg:GssqJU0T0MrnHIofOEoTI4qUAZGiUk
Static task: static1

Behavioral task: behavioral1
Sample: JaffaCakes118_537b721d960ce3319156409c8dd4fd90.exe
Resource: win7-20241010-en

Behavioral task: behavioral2
Sample: JaffaCakes118_537b721d960ce3319156409c8dd4fd90.exe
Resource: win10v2004-20241007-en
Malware Config
(no extracted configuration is listed in the report)

Targets

Target: JaffaCakes118_537b721d960ce3319156409c8dd4fd90 (size and hashes as listed under General)
Score: 10/10

Family: ModiLoader (also tracked as DBatLoader)
ModiLoader is a Delphi-written loader that abuses legitimate cloud services to stage and download other malware families.

Signatures:
- Modiloader family
- ModiLoader Second Stage
- Deletes itself
- Executes dropped EXE
- Adds Run key to start application
MITRE ATT&CK Enterprise v15
(the trailing number is how many of the report's signatures map to that technique)

Privilege Escalation
- Abuse Elevation Control Mechanism (T1548): 1
  - Bypass User Account Control (T1548.002): 1
- Boot or Logon Autostart Execution (T1547): 1
  - Registry Run Keys / Startup Folder (T1547.001): 1

Defense Evasion
- Abuse Elevation Control Mechanism (T1548): 1
  - Bypass User Account Control (T1548.002): 1
- Impair Defenses (T1562): 1
  - Disable or Modify Tools (T1562.001): 1
- Modify Registry (T1112): 3
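The signature "Adds Run key to start application" and the Registry Run Keys / Startup Folder technique above are the two persistence indicators a responder can check directly on a suspect host. The script below is an added example written for this page, not part of the sandbox report or of any tool it references: it enumerates the common Run/RunOnce keys, resolves the executable each value launches, hashes it, and compares the result against the MD5/SHA1/SHA256 values listed under General. The report does not give the Run value name or the dropped file path, so the script assumes nothing about them and checks every entry; the key list, the `Get-ExecutablePath` parsing rule and the `Test-RunKeyIocs` function name are this example's own choices.

```powershell
# Added triage example (not from the report): hash every Run/RunOnce autostart target
# and compare it with the IOC hashes from this report. Run elevated to read HKLM.

$Iocs = @{
    MD5    = '537b721d960ce3319156409c8dd4fd90'
    SHA1   = '52c3bc8bfa0e74d37dad7bead86b895c93669428'
    SHA256 = '22f5967085d28b79dfa37b70707d1f1aa68887677301fb98237b49e13e56f56d'
}

# Assumed key list: the usual per-machine and per-user autostart locations.
$RunKeys = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run',
    'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run',
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce',
    'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce'
)

function Get-ExecutablePath {
    # Pull the executable path out of a Run value, which may be quoted,
    # unquoted with spaces, and followed by arguments.
    param([string]$Command)
    $cmd = $Command.Trim()
    if ($cmd.StartsWith('"')) {
        $end = $cmd.IndexOf('"', 1)
        if ($end -gt 1) { return $cmd.Substring(1, $end - 1) }
        return $cmd.Trim('"')
    }
    # Unquoted: take everything up to the first ".exe" so paths with spaces survive.
    $m = [regex]::Match($cmd, '^(.*?\.exe)', 'IgnoreCase')
    if ($m.Success) { return $m.Groups[1].Value }
    return ($cmd -split '\s+')[0]
}

function Test-RunKeyIocs {
    # Returns one object per (key, value, algorithm) whose target file hash matches an IOC.
    $hits = @()
    foreach ($key in $RunKeys) {
        if (-not (Test-Path $key)) { continue }
        $props = Get-ItemProperty -Path $key
        foreach ($p in $props.PSObject.Properties) {
            # Get-ItemProperty adds PSPath/PSParentPath/... metadata; skip those.
            if ($p.Name -like 'PS*') { continue }
            $exe = Get-ExecutablePath ([string]$p.Value)
            $exe = [Environment]::ExpandEnvironmentVariables($exe)
            if (-not (Test-Path -LiteralPath $exe -PathType Leaf)) { continue }
            foreach ($algo in $Iocs.Keys) {
                $h = (Get-FileHash -LiteralPath $exe -Algorithm $algo).Hash.ToLower()
                if ($h -eq $Iocs[$algo]) {
                    $hits += [pscustomobject]@{
                        Key = $key; Value = $p.Name; Path = $exe; Algorithm = $algo; Hash = $h
                    }
                }
            }
        }
    }
    return $hits
}

$results = Test-RunKeyIocs
if ($results) {
    $results | Format-Table -AutoSize
} else {
    Write-Output 'No Run/RunOnce target matches the report hashes.'
}
```

A no-match result is not a clean bill of health. The report also records "Deletes itself" and "Executes dropped EXE", so the autostart entry may point at a dropped second stage whose hash differs from the submitted sample; any Run value that launches a binary from a user-writable directory still deserves manual review, and the SSDEEP value under General can be used with an ssdeep tool for fuzzy matching where the exact hashes do not hit.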