General

  • Target

    2555b2b6ca10e1a73fe310c40161f4b3_JaffaCakes118

  • Size

    434KB

  • Sample

    240704-krtelashlq

  • MD5

    2555b2b6ca10e1a73fe310c40161f4b3

  • SHA1

    64313a4999f9297caa94c814e78feb0ad8a2bee7

  • SHA256

    54e316c02d8fc24245863b1b28bfcfec898363ba17fb32cd50526c1902677280

  • SHA512

    474ead352d29b82f3a499f7601f0e6f17668fd4aa9806c70fdf0a1825ee96f4ccbe22a1773b0c6fd738202aae7714c04d13f93c3436c19773c5ad0895ffc4da0

  • SSDEEP

    6144:gKNnTwABk3ZFno+T5OhN42eqaEeWg6cXxwmt8j/D3vVO0c8kh0rIJppHoqrgguFB:pT5W33VQN4lLOyXaL80c8J+Hoy2lL

Targets

    • ModiLoader, DBatLoader

      ModiLoader (also tracked as DBatLoader) is a Delphi-written loader that abuses legitimate cloud services to fetch and run additional malware families.

    • UAC bypass

    • ModiLoader Second Stage

    • UPX packed file

      Detects executables packed with UPX or with a modified build of the open-source UPX packer.

    • Checks whether UAC is enabled
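
The two checks an analyst would run first against this report are (1) confirming that a file in hand really is the sample whose hashes are listed above, and (2) reproducing the "UPX packed file" signature. The script below is an added example, not part of the sandbox report or of any vendor's rule set. It assumes a hand-written PE section-table reader (no pefile dependency) and a constructed minimal PE image for the demo; the only values taken from the page are the four hashes. Modified UPX builds frequently rename the UPX0/UPX1 sections, so the function also looks for the "UPX!" marker, and both tests are heuristics rather than proof.

```python
"""Verify a sample against published hashes and apply a UPX-packing heuristic.

Added example (not the report's own tooling). PE parsing is a minimal hand-written
reader; the PE image built by build_fake_pe() is constructed demo input only.
"""
import hashlib
import struct

# Hashes as published in the sandbox report above.
EXPECTED = {
    "md5": "2555b2b6ca10e1a73fe310c40161f4b3",
    "sha1": "64313a4999f9297caa94c814e78feb0ad8a2bee7",
    "sha256": "54e316c02d8fc24245863b1b28bfcfec898363ba17fb32cd50526c1902677280",
    "sha512": "474ead352d29b82f3a499f7601f0e6f17668fd4aa9806c70fdf0a1825ee96f4cc"
              "be22a1773b0c6fd738202aae7714c04d13f93c3436c19773c5ad0895ffc4da0",
}
ALGOS = ("md5", "sha1", "sha256", "sha512")


def hash_bytes(data: bytes) -> dict:
    """Return lowercase hex digests for the four algorithms the report lists."""
    return {name: hashlib.new(name, data).hexdigest() for name in ALGOS}


def verify_hashes(data: bytes, expected: dict = EXPECTED) -> dict:
    """Compare computed digests with expected ones; returns {algo: (ok, actual)}."""
    actual = hash_bytes(data)
    return {algo: (actual[algo] == exp.lower(), actual[algo]) for algo, exp in expected.items()}


def section_names(pe: bytes) -> list:
    """Walk DOS header -> PE signature -> COFF header -> section table, return names.

    Raises ValueError on anything that is not a well-formed PE image; a packer that
    mangles headers lands here, which is itself worth noting.
    """
    if len(pe) < 0x40 or pe[:2] != b"MZ":
        raise ValueError("missing MZ header")
    e_lfanew = struct.unpack_from("<I", pe, 0x3C)[0]
    if pe[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    coff = e_lfanew + 4
    num_sections = struct.unpack_from("<H", pe, coff + 2)[0]   # COFF NumberOfSections
    size_opt = struct.unpack_from("<H", pe, coff + 16)[0]      # COFF SizeOfOptionalHeader
    table = coff + 20 + size_opt                               # first IMAGE_SECTION_HEADER
    names = []
    for i in range(num_sections):
        off = table + i * 40                                   # each section header is 40 bytes
        if off + 40 > len(pe):
            raise ValueError("section table truncated")
        names.append(pe[off:off + 8].rstrip(b"\0").decode("latin-1"))
    return names


def looks_upx_packed(pe: bytes) -> bool:
    """Heuristic: UPX-named sections, or the 'UPX!' marker stock UPX writes.

    Renamed sections (modified UPX) may still leave the marker; a deliberately
    stripped build can defeat both checks, so treat True/False as a hint only.
    """
    try:
        names = section_names(pe)
    except ValueError:
        names = []
    if any(n.upper().startswith("UPX") for n in names):
        return True
    return b"UPX!" in pe


def build_fake_pe(names: list) -> bytes:
    """Construct a minimal PE32 image with the given section names (demo input only)."""
    e_lfanew = 0x40
    dos = b"MZ" + b"\0" * (0x3C - 2) + struct.pack("<I", e_lfanew)
    size_opt = 0xE0  # size of a PE32 optional header
    coff = struct.pack("<HHIIIHH", 0x14C, len(names), 0, 0, 0, size_opt, 0x102)
    opt = struct.pack("<H", 0x10B) + b"\0" * (size_opt - 2)    # PE32 magic, rest zeroed
    sections = b"".join(n.encode("latin-1").ljust(8, b"\0") + b"\0" * 32 for n in names)
    return dos + b"PE\0\0" + coff + opt + sections


if __name__ == "__main__":
    import sys
    path = sys.argv[1] if len(sys.argv) > 1 else None
    data = open(path, "rb").read() if path else build_fake_pe(["UPX0", "UPX1", ".rsrc"])
    for algo, (ok, actual) in verify_hashes(data).items():
        print(f"{algo:6} {'OK' if ok else 'MISMATCH'} {actual}")
    print("sections:", section_names(data))
    print("upx-packed heuristic:", looks_upx_packed(data))
```

Run it as `python check_sample.py path/to/sample.exe`; with no argument it exercises the constructed image, whose hashes will of course not match the report. A mismatch on a real file means you are not looking at the object the report analysed, which should stop any further conclusions being drawn from the signatures above.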
