Overview

overview

10

Static

static

3

f115a773ae...18.exe

windows7-x64

10

f115a773ae...18.exe

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    f115a773ae07e2cc4827b71fec476a85_JaffaCakes118

  • Size

    1.2MB

  • Sample

    240922-cqb5xsxeja

  • MD5

    f115a773ae07e2cc4827b71fec476a85

  • SHA1

    a6fcba8abc27c0b7b36e504c5e7ce2b5268a20c2

  • SHA256

    68bbb4cab51f0c8162b4802589826c572f60333300b38db7411ad1a91a80b07c

  • SHA512

    b9e60731c4309bd1bfa3918e55ba05c380a80157cd5c6a38f14a610b055fa69a73769d30056f281a0f50842c2242632b8b292d51bec9e9dd266c0f217f61186d

  • SSDEEP

    24576:CWN1jLyb+IXNEUwUMuMJT4v7CnyUcKcg5sxti7a/evCaUy:CgLyqIXCVJ8v7ClczVtu+y

Score
10/10
modiloaderdiscoveryevasiontrojan

Malware Config

Targets

    • Target

      f115a773ae07e2cc4827b71fec476a85_JaffaCakes118

    • Size

      1.2MB

    • MD5

      f115a773ae07e2cc4827b71fec476a85

    • SHA1

      a6fcba8abc27c0b7b36e504c5e7ce2b5268a20c2

    • SHA256

      68bbb4cab51f0c8162b4802589826c572f60333300b38db7411ad1a91a80b07c

    • SHA512

      b9e60731c4309bd1bfa3918e55ba05c380a80157cd5c6a38f14a610b055fa69a73769d30056f281a0f50842c2242632b8b292d51bec9e9dd266c0f217f61186d

    • SSDEEP

      24576:CWN1jLyb+IXNEUwUMuMJT4v7CnyUcKcg5sxti7a/evCaUy:CgLyqIXCVJ8v7ClczVtu+y

    Score
    10/10
    modiloaderdiscoveryevasiontrojan

    • ModiLoader, DBatLoader

      ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.

      trojanmodiloader

    • UAC bypass

      evasiontrojan

    • ModiLoader Second Stage

    • Loads dropped DLL

    • Checks whether UAC is enabled

      evasiontrojan
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks