Overview

overview

10

Static

static

3

e958adfed4...18.exe

windows7-x64

10

e958adfed4...18.exe

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    e958adfed4455ba90f3b8c8b49849c47_JaffaCakes118

  • Size

    264KB

  • Sample

    240918-r25c6sxcpm

  • MD5

    e958adfed4455ba90f3b8c8b49849c47

  • SHA1

    d05078f2bbe158d1ec813c1dfb5baa4309458b8b

  • SHA256

    c23cfac9d0959e49152c729bcae1d83170ce10f4a71f5128058b6c0886e039ad

  • SHA512

    df438698c35c831f721f1f47a9c73a6d99110287c8347de127529fb5541cdeacd40a1c947e9ece4e77c5930042fc4e6fdfb4c2216070ca53878767de82ef844a

  • SSDEEP

    6144:B+A3Oh8JNj+XY6qtRKgQYlwbsgt7FhEg+cqcvfe7tES:fOuJNj+XYbtjZlwbjFFhBdqciF

Score
10/10
modiloaderdiscoveryevasiontrojan

Malware Config

Targets

    • Target

      e958adfed4455ba90f3b8c8b49849c47_JaffaCakes118

    • Size

      264KB

    • MD5

      e958adfed4455ba90f3b8c8b49849c47

    • SHA1

      d05078f2bbe158d1ec813c1dfb5baa4309458b8b

    • SHA256

      c23cfac9d0959e49152c729bcae1d83170ce10f4a71f5128058b6c0886e039ad

    • SHA512

      df438698c35c831f721f1f47a9c73a6d99110287c8347de127529fb5541cdeacd40a1c947e9ece4e77c5930042fc4e6fdfb4c2216070ca53878767de82ef844a

    • SSDEEP

      6144:B+A3Oh8JNj+XY6qtRKgQYlwbsgt7FhEg+cqcvfe7tES:fOuJNj+XYbtjZlwbjFFhBdqciF

    Score
    10/10
    modiloaderdiscoveryevasiontrojan

    • ModiLoader, DBatLoader

      ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.

      trojanmodiloader

    • UAC bypass

      evasiontrojan

    • ModiLoader Second Stage

    • Executes dropped EXE

    • Checks whether UAC is enabled

      evasiontrojan
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks