Overview

overview

10

Static

static

7

27957ef08d...18.exe

windows7-x64

10

27957ef08d...18.exe

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    27957ef08db4ea7e3033756bc74bea55_JaffaCakes118

  • Size

    108KB

  • Sample

    240706-hd6rnaygpj

  • MD5

    27957ef08db4ea7e3033756bc74bea55

  • SHA1

    bb287e5f4a73a2ffe5e7413e510361ff640ce359

  • SHA256

    b001396687f97bb72e920cf8ededb715e8085b8b19add7a91ea1cda33f70c73f

  • SHA512

    84e5f96c14ba5072a7cd76e95239d5934256f998735bededd03a484d9ddf0b9891809ae769c670450e4e758745e84c8d3a998bc6590d20d394579185b89c230e

  • SSDEEP

    1536:AVuNAXTj4Fj/91/NnLZqeWEPVpa8DzePjkgcwYS7S5+Vfk09+27CpKYiwZinouy3:uoy8j7VnNdrPHaSekwi+mW+2U8loutQ

Score
10/10
modiloaderevasiontrojanupx

Malware Config

Targets

    • Target

      27957ef08db4ea7e3033756bc74bea55_JaffaCakes118

    • Size

      108KB

    • MD5

      27957ef08db4ea7e3033756bc74bea55

    • SHA1

      bb287e5f4a73a2ffe5e7413e510361ff640ce359

    • SHA256

      b001396687f97bb72e920cf8ededb715e8085b8b19add7a91ea1cda33f70c73f

    • SHA512

      84e5f96c14ba5072a7cd76e95239d5934256f998735bededd03a484d9ddf0b9891809ae769c670450e4e758745e84c8d3a998bc6590d20d394579185b89c230e

    • SSDEEP

      1536:AVuNAXTj4Fj/91/NnLZqeWEPVpa8DzePjkgcwYS7S5+Vfk09+27CpKYiwZinouy3:uoy8j7VnNdrPHaSekwi+mW+2U8loutQ

    Score
    10/10
    modiloaderevasiontrojanupx

    • ModiLoader, DBatLoader

      ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.

      trojanmodiloader

    • UAC bypass

      evasiontrojan

    • ModiLoader Second Stage

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Checks whether UAC is enabled

      evasiontrojan
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks