Analysis

  • max time kernel
    105s
  • max time network
    140s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20250314-en
  • resource tags

    arch:x64
    arch:x86
    image:win10v2004-20250314-en
    locale:en-us
    os:windows10-2004-x64
    system
  • submitted
    29/03/2025, 20:19

General

  • Target

    JaffaCakes118_97a7e6b4be820496b7d043e1e41a93b7.exe

  • Size

    9KB

  • MD5

    97a7e6b4be820496b7d043e1e41a93b7

  • SHA1

    8f0ac254cac586c35cb0aef8b2a85baa83842d4e

  • SHA256

    8d7686574bd66420d56f780fdf582560fbacad110320c9ccb0c0ce751d469909

  • SHA512

    2a22c7c76a078e9e8b0cb5e89b84d618700894801ee078b6b151d0bb15a3acb927b363e10cace091000ef38d10a64dd160c10ea67396cade9ba725daabea7a7d

  • SSDEEP

    192:nOyQefGIGk7KRkwdav6/lvn08+JeVeHWOaTnxcl5:Mef57+fOaG5

Malware Config

Signatures

  • ModiLoader, DBatLoader

    ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.

  • Modiloader family
  • ModiLoader Second Stage 1 IoCs
  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.
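
    How a sandbox signature like the one above can be derived from an API trace, as an added example that is not part of this report or of the sandbox's own signature code. The trace line format, the hooked API names and the sample lines (PID 4420 reused for illustration) are constructed assumptions; the LANGID layout (primary language in the low 10 bits, sublanguage in the high bits) and the primary-language values are from the Windows LANGID table.

```python
"""Flag System Language Discovery (ATT&CK T1614.001) in a Windows API trace.

Added example, not code from the sandbox report. The trace format
"<pid> <Api>(<args>) -> <ret>" is an assumption modelled on what an
API-hooking sandbox records; the sample lines below are constructed.
"""
import re

# Win32 calls whose only purpose is to reveal the host's language or locale.
LANGUAGE_DISCOVERY_APIS = {
    "GetSystemDefaultLangID",
    "GetUserDefaultLangID",
    "GetSystemDefaultUILanguage",
    "GetUserDefaultUILanguage",
    "GetLocaleInfoA",
    "GetLocaleInfoW",
    "GetUserDefaultLocaleName",
    "GetKeyboardLayoutList",
}

# Primary language IDs (low 10 bits of a LANGID). Only a handful are listed;
# loaders commonly compare the result against a "do not run here" list.
PRIMARY_LANG = {
    0x09: "en", 0x07: "de", 0x19: "ru", 0x22: "uk", 0x23: "be", 0x3F: "kk",
}

_LINE = re.compile(
    r"^(?P<pid>\d+)\s+(?P<api>\w+)\((?P<args>[^)]*)\)\s*->\s*(?P<ret>\S+)$"
)


def parse_trace_line(line):
    """Parse one constructed trace line; return None for lines that do not match."""
    m = _LINE.match(line.strip())
    if not m:
        return None
    return {"pid": int(m["pid"]), "api": m["api"], "args": m["args"], "ret": m["ret"]}


def decode_langid(langid):
    """Split a LANGID the way the PRIMARYLANGID/SUBLANGID macros do."""
    primary = langid & 0x3FF
    sub = langid >> 10
    return PRIMARY_LANG.get(primary, hex(primary)), sub


def find_language_discovery(lines):
    """Return every call that matches the language-discovery signature.

    For calls that return a LANGID, the decoded primary language and
    sublanguage are attached so an analyst can see what the sample learned.
    """
    hits = []
    for line in lines:
        rec = parse_trace_line(line)
        if rec is None or rec["api"] not in LANGUAGE_DISCOVERY_APIS:
            continue
        hit = {"pid": rec["pid"], "api": rec["api"]}
        if rec["api"].endswith("LangID") or rec["api"].endswith("UILanguage"):
            language, sub = decode_langid(int(rec["ret"], 16))
            hit["language"], hit["sublang"] = language, sub
        hits.append(hit)
    return hits


def technique_fired(lines):
    """True when at least one language-discovery call appears in the trace."""
    return bool(find_language_discovery(lines))


# Constructed sample trace: one irrelevant call, two discovery calls, one file op.
SAMPLE_TRACE = [
    "4420 GetModuleHandleW(kernel32.dll) -> 0x75a30000",
    "4420 GetUserDefaultLangID() -> 0x0409",
    "4420 GetKeyboardLayoutList(0, 0x0) -> 0x1",
    "4420 CreateFileW(C:\\Users\\Admin\\AppData\\Local\\Temp\\x.tmp) -> 0x1a4",
]

if __name__ == "__main__":
    for hit in find_language_discovery(SAMPLE_TRACE):
        print(hit)
    print("System Language Discovery:", technique_fired(SAMPLE_TRACE))
```

    The check is deliberately call-based rather than value-based: whether the sample goes on to exit on a particular locale is behaviour a single run on an en-US image (as here) cannot observe, so the signature fires on the lookup itself.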

Processes

  • C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_97a7e6b4be820496b7d043e1e41a93b7.exe
    "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_97a7e6b4be820496b7d043e1e41a93b7.exe"
    1⤵
    • System Location Discovery: System Language Discovery
    PID:4420

Network

MITRE ATT&CK Enterprise v15

Downloads

  • memory/4420-0-0x0000000000400000-0x000000000040A000-memory.dmp

    Filesize

    40KB