General

  • Target

    25b1aab859dd21caa54d5b9cba8b4ce7_JaffaCakes118

  • Size

    313KB

  • Sample

    240704-wg4cla1dnn

  • MD5

    25b1aab859dd21caa54d5b9cba8b4ce7

  • SHA1

    89a6b286ba812df8442cd9c8a7152f4e6bb1d0ad

  • SHA256

    f75b21eb816c82d762644e4203ac6347e2efc5a69ece25fb95eb3be464779c83

  • SHA512

    2148af8b2c0874514b89794005c656e40563e161ed476877800b9541ef4b78ea18d85df29846e283cd20c5982a12c80cb93e362aad43a40c25a3bb9e9d04eba2

  • SSDEEP

    6144:mGyjnBSkuV1d4eZd88ORJIf/wTBl53cpcYGXZoS:FYnBSkuVUeZdYqwTqyoS

Malware Config

Targets

    • ModiLoader, DBatLoader

      ModiLoader (also tracked as DBatLoader) is a Delphi-based loader that abuses legitimate public cloud and file-hosting services to fetch and stage additional malware families on the victim host.

    • UAC bypass

    • ModiLoader Second Stage

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified UPX variant (modified builds often rename the UPX0/UPX1 sections, so the section names alone are not a reliable indicator).

    • Checks whether UAC is enabled
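
The signature hits above can be reproduced with a small offline static check. The Python below is an added example and is not code from the sandbox report or from the sample; it verifies a file against the hashes listed under General, parses the PE section table to flag UPX packing by section name or by a high-entropy section (the 7.0-bit threshold is a heuristic chosen here), and scans for the registry names a loader reads to learn whether UAC is enabled (real Windows value names, but which of them this sample reads is an assumption). The PE bytes it runs on are constructed inline as a stand-in, not the analysed file.

```python
"""Offline static triage helpers (added example, not the report's own tooling)."""
import hashlib
import math
import struct

# Hashes copied from the General section of the report.
REPORT_HASHES = {
    "md5": "25b1aab859dd21caa54d5b9cba8b4ce7",
    "sha1": "89a6b286ba812df8442cd9c8a7152f4e6bb1d0ad",
    "sha256": "f75b21eb816c82d762644e4203ac6347e2efc5a69ece25fb95eb3be464779c83",
}

# Registry names a UAC check typically reads (assumption: which ones this sample uses).
UAC_MARKERS = [b"EnableLUA", b"ConsentPromptBehaviorAdmin", rb"Policies\System"]


def file_hashes(data: bytes) -> dict:
    """MD5/SHA1/SHA256 of the bytes, keyed like REPORT_HASHES."""
    return {name: hashlib.new(name, data).hexdigest() for name in REPORT_HASHES}


def matches_report(data: bytes) -> bool:
    """True only if every listed hash matches, i.e. this is the analysed sample."""
    return file_hashes(data) == REPORT_HASHES


def shannon_entropy(data: bytes) -> float:
    """Bits per byte; packed or encrypted data sits close to 8.0."""
    if not data:
        return 0.0
    counts = [0] * 256
    for b in data:
        counts[b] += 1
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in counts if c)


def pe_sections(data: bytes) -> list:
    """Parse the PE section table into (name, raw_offset, raw_size) tuples."""
    if data[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    coff = e_lfanew + 4
    # COFF header: NumberOfSections at +2, SizeOfOptionalHeader at +16.
    num_sections, opt_size = struct.unpack_from("<H12xH", data, coff + 2)
    off = coff + 20 + opt_size
    sections = []
    for _ in range(num_sections):
        name, _vsize, _vaddr, raw_size, raw_ptr = struct.unpack_from("<8sIIII", data, off)
        sections.append((name.rstrip(b"\0").decode("latin-1"), raw_ptr, raw_size))
        off += 40
    return sections


def looks_upx_packed(data: bytes) -> list:
    """Reasons the file looks UPX-packed; empty list means no indicator fired."""
    secs = pe_sections(data)
    reasons = []
    if any(n.startswith("UPX") for n, _, _ in secs):
        reasons.append("UPX section names")
    # Renamed sections (modified UPX) still carry a high-entropy packed body.
    for name, off, size in secs:
        if size >= 256 and shannon_entropy(data[off:off + size]) > 7.0:
            reasons.append(f"high-entropy section {name}")
    return reasons


def uac_check_strings(data: bytes) -> list:
    """UAC registry names present as ASCII or UTF-16LE strings, in marker order."""
    found = []
    for marker in UAC_MARKERS:
        text = marker.decode("ascii")
        if marker in data or text.encode("utf-16-le") in data:
            found.append(text)
    return found


def build_constructed_pe(sections) -> bytes:
    """Build a minimal PE32 image from (name, payload) pairs; constructed test data only."""
    dos = b"MZ" + b"\0" * 58 + struct.pack("<I", 0x40)        # e_lfanew = 0x40
    opt = struct.pack("<H", 0x10B) + b"\0" * 222               # PE32 optional header, zeroed
    coff = struct.pack("<HHIIIHH", 0x14C, len(sections), 0, 0, 0, len(opt), 0x0102)
    raw_off = len(dos) + 4 + len(coff) + len(opt) + 40 * len(sections)
    table, body = b"", b""
    for name, payload in sections:
        table += struct.pack("<8sIIIIIIHHI", name.ljust(8, b"\0"), len(payload), raw_off,
                             len(payload), raw_off, 0, 0, 0, 0, 0xE0000020)
        body += payload
        raw_off += len(payload)
    return dos + b"PE\0\0" + coff + opt + table + body


# Constructed stand-in for the sample: UPX-named sections, a full-entropy
# UPX1 body, and the registry path a UAC check would read.
CONSTRUCTED_SAMPLE = build_constructed_pe([
    (b"UPX0", b"\0" * 64),
    (b"UPX1", bytes(range(256)) * 4),
    (b".rsrc", b"SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\System\0EnableLUA\0"),
])

if __name__ == "__main__":
    print("matches report:", matches_report(CONSTRUCTED_SAMPLE))
    print("sections:", pe_sections(CONSTRUCTED_SAMPLE))
    print("upx indicators:", looks_upx_packed(CONSTRUCTED_SAMPLE))
    print("uac strings:", uac_check_strings(CONSTRUCTED_SAMPLE))
```

Run it against the real file by passing its bytes to the same functions; the hash comparison should be the first gate, since a sample that does not match all three hashes is not the one this report describes. Treat the string hits as a pointer to where to look in a debugger, not proof of a working UAC bypass.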

MITRE ATT&CK Enterprise v15

Tasks