General

  • Target: 1e98842566042769e48ac612258e08fc_JaffaCakes118
  • Size: 270KB
  • Sample: 240506-2krqvshd94
  • MD5: 1e98842566042769e48ac612258e08fc
  • SHA1: fc7b4bfe79d0d3776283675a470f50fc191fdf5c
  • SHA256: 49481deb207b1c4f613a92dbc49ff703324960e2a997fd30b9e6811c49b9caa8
  • SHA512: d36f247465885f360db0bbf68dc86bc52a032f597168efa4a3fafd97d3bd8e3679e6e6f434933150bff69945ae698dd294396270e3079156fe8ad8035c518274
  • SSDEEP: 6144:KG377xS2Vp2CeiorXhwTBOz53KUpcCJJvH:Zr7xS2Vp6FwTXUbJJvH
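
The identifiers above are what an analyst uses to confirm that a file on their own system is the same sample, and the SSDEEP value is the only one that survives small modifications. The following is an added example, not part of the sandbox report: it parses the hash block in the layout shown on this page, computes the four cryptographic digests of a byte string, and applies the two pre-checks that the ssdeep algorithm runs before it will score two fuzzy hashes at all (block sizes equal or differing by exactly a factor of two, and a shared window of seven characters after collapsing long character runs). The REPORT_TEXT block and the test inputs are constructed here; the sample itself is not included, so the digests are exercised on constructed bytes.

```python
import hashlib

# Constructed for this example: the report's hash block in the page's own "• Key / value" layout.
REPORT_TEXT = """
  • MD5
    1e98842566042769e48ac612258e08fc
  • SHA1
    fc7b4bfe79d0d3776283675a470f50fc191fdf5c
  • SHA256
    49481deb207b1c4f613a92dbc49ff703324960e2a997fd30b9e6811c49b9caa8
  • SSDEEP
    6144:KG377xS2Vp2CeiorXhwTBOz53KUpcCJJvH:Zr7xS2Vp6FwTXUbJJvH
"""

ROLLING_WINDOW = 7  # ssdeep refuses to score two chunks that share no 7-character substring


def parse_report_hashes(text):
    """Turn the bullet layout into {"md5": ..., "sha1": ..., "sha256": ..., "ssdeep": ...}."""
    out, key = {}, None
    for line in text.splitlines():
        line = line.strip()
        if not line:
            continue
        if line.startswith("•"):
            key = line[1:].strip().lower()
        elif key:
            out[key] = line
            key = None
    return out


def digest_bytes(data):
    """All four digests the report lists, computed with the standard library."""
    return {name: hashlib.new(name, data).hexdigest()
            for name in ("md5", "sha1", "sha256", "sha512")}


def verify(data, expected):
    """Per-algorithm match result against the report values (case-insensitive hex)."""
    got = digest_bytes(data)
    return {name: got[name] == value.lower()
            for name, value in expected.items() if name in got}


def parse_ssdeep(h):
    """Split 'blocksize:chunk:double_chunk' into its three parts."""
    bs, chunk, double_chunk = h.split(":", 2)
    return int(bs), chunk, double_chunk


def _eliminate_sequences(s):
    """ssdeep collapses runs of more than three identical characters to three before comparing."""
    out = []
    for ch in s:
        if len(out) >= 3 and out[-1] == out[-2] == out[-3] == ch:
            continue
        out.append(ch)
    return "".join(out)


def _has_common_substring(a, b):
    a, b = _eliminate_sequences(a), _eliminate_sequences(b)
    return any(a[i:i + ROLLING_WINDOW] in b for i in range(len(a) - ROLLING_WINDOW + 1))


def ssdeep_comparable(h1, h2):
    """True if the two fuzzy hashes pass ssdeep's pre-checks; otherwise ssdeep reports similarity 0.

    Equal block sizes compare chunk with chunk and double-chunk with double-chunk; when one block
    size is exactly double the other, the smaller hash's double-chunk is compared with the larger
    hash's chunk. Any other block-size ratio is not comparable.
    """
    b1, c1, d1 = parse_ssdeep(h1)
    b2, c2, d2 = parse_ssdeep(h2)
    if b1 == b2:
        return _has_common_substring(c1, c2) or _has_common_substring(d1, d2)
    if b1 == 2 * b2:
        return _has_common_substring(c1, d2)
    if b2 == 2 * b1:
        return _has_common_substring(d1, c2)
    return False


if __name__ == "__main__":
    report = parse_report_hashes(REPORT_TEXT)
    print(verify(b"abc", report))          # all False: constructed bytes are not the sample
    print(ssdeep_comparable(report["ssdeep"], report["ssdeep"]))
```

The block-size rule matters in practice: a variant of this loader that grows or shrinks past a power-of-two boundary gets a block size of 3072 or 12288 and is still comparable to the value above, but anything further away scores 0 regardless of how similar the bytes are, so ssdeep lookups should be bucketed by block size and its two neighbours.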

Malware Config

Targets

    • Target

      1e98842566042769e48ac612258e08fc_JaffaCakes118 (270KB; MD5, SHA1, SHA256, SHA512 and SSDEEP identical to the values listed under General above)

    • ModiLoader, DBatLoader

      ModiLoader (also tracked as DBatLoader) is a Delphi-written loader that abuses legitimate cloud file-hosting services to download other malware families. The file analysed here is therefore a first stage; the final payload is whatever it fetches at run time and is not identified in this report.

    • UAC bypass (the report does not name the specific bypass technique)

    • ModiLoader Second Stage

    • Loads dropped DLL (the process loaded a DLL that was written to disk during the run rather than one already present on the system)

    • Checks whether UAC is enabled (a registry read of the UAC state, typically the EnableLUA value under HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System, which a loader performs before deciding whether to attempt a bypass)
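
The last two signatures are behavioural and can be reproduced from endpoint telemetry. The following is an added example and not the sandbox's own signature logic: it runs two rules over a constructed, minimal event trace ("pid event_type target", one per line) of the kind a Sysmon or EDR export would provide. "Loads dropped DLL" fires when a process image-loads a path that any monitored process wrote earlier in the same trace, and "Checks whether UAC is enabled" fires on a registry query of the EnableLUA value; that trigger, the event schema and the file paths are assumptions made for the example, not facts from the report.

```python
import re
from collections import defaultdict

# Constructed telemetry for this example (not from the report): pid, event type, target.
SAMPLE_EVENTS = r"""
1804 process_start C:\Users\Admin\AppData\Local\Temp\1e98842566042769e48ac612258e08fc_JaffaCakes118.exe
1804 reg_query HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA
1804 file_write C:\Users\Admin\AppData\Local\Temp\stage2_example.dll
1804 image_load C:\Users\Admin\AppData\Local\Temp\stage2_example.dll
2212 process_start C:\Windows\System32\notepad.exe
2212 image_load C:\Windows\System32\kernel32.dll
"""

# Assumed trigger for the "Checks whether UAC is enabled" rule: a read of the EnableLUA value.
UAC_VALUE = re.compile(r"\\policies\\system\\enablelua$", re.IGNORECASE)


def parse_events(text):
    """Yield (pid, kind, target) tuples; the target may contain spaces, so split at most twice."""
    events = []
    for line in text.splitlines():
        if not line.strip():
            continue
        pid, kind, target = line.split(" ", 2)
        events.append((int(pid), kind, target))
    return events


def evaluate(text):
    """Return {pid: [signature names]} for every process that triggered at least one rule."""
    written = set()             # paths written to disk earlier in this trace, case-folded
    hits = defaultdict(set)
    for pid, kind, target in parse_events(text):
        key = target.lower()
        if kind == "file_write":
            written.add(key)
        elif kind == "image_load" and key in written:
            # Order matters: the write must precede the load for the DLL to count as "dropped".
            hits[pid].add("Loads dropped DLL")
        elif kind == "reg_query" and UAC_VALUE.search(target):
            hits[pid].add("Checks whether UAC is enabled")
    return {pid: sorted(names) for pid, names in hits.items()}


if __name__ == "__main__":
    for pid, names in evaluate(SAMPLE_EVENTS).items():
        print(pid, ", ".join(names))
```

On real data the "dropped" set should be keyed by the process tree rather than the whole trace, and image loads should be matched on the resolved path, since loaders commonly write under one name and load via a short or junction path.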

MITRE ATT&CK Enterprise v15

Tasks