General

  • Target

    de9721321a7c4a0ffd6312bf355f0e30_JaffaCakes118

  • Size

    365KB

  • Sample

    240913-wasbrazapn

  • MD5

    de9721321a7c4a0ffd6312bf355f0e30

  • SHA1

    20d31f5595054b56390494aec19a7cec78a00c79

  • SHA256

    5be4847da11b0d4132d2d763a2d098a0907d2d31323df2e36b744e9df2712fee

  • SHA512

    f330dc0ed481c6121e12d6cdb3182f923f8466dc182bb6cc84cbc0ca8c586aab95eb291e1733c25baa03acedee7cd480eac9cd229c5311378fc153119209ccb7

  • SSDEEP

    6144:/B2j3R7KR7lgjGH6EMjcOLe9W8liHNbMfrFCKEwbZCq3hm7yb/8V:/Be3Zc7lgjs6VLecYwNbMfrFtEKF3h2v

Malware Config

Targets

    • ModiLoader, DBatLoader

      ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.

    • UAC bypass

    • ModiLoader Second Stage

    • Checks computer location settings

      Looks up the country code configured in the registry, likely as a geofence check.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with the UPX open-source packer or a modified UPX variant.

    • Adds Run key to start application

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v15

Tasks
