General

  • Target

    06687e454086fb47dec4c4b1ec0817bc_JaffaCakes118

  • Size

    108KB

  • Sample

    240620-qpplhstgmk

  • MD5

    06687e454086fb47dec4c4b1ec0817bc

  • SHA1

    777bb48a83c10d40394655531de7825df0e7663a

  • SHA256

    eb70cc34d1819bf93ddd7470a6879444f94dc809e55cd99ccbdebf44ca03fd92

  • SHA512

    7a5ded006902eeb3b4116059ef4cc25b39e9c9b174c7cf1948a9621a3e44c341266c1ea6b57a1caf69e165d52f2555967f8df26d1644f73503207a7360ca6d14

  • SSDEEP

    1536:uVuNAXTj4Fj/91/NnLZqeWEPVpa8DzePjkgcwYS7S5+Vfk09+2sgVcd/TMnouy8:8oy8j7VnNdrPHaSekwi+mW+25VYoout

Malware Config

Targets

    • ModiLoader, DBatLoader

      ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.

    • UAC bypass

    • ModiLoader Second Stage

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with the UPX open-source packer or a modified UPX variant.

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v15

Tasks