Overview

overview

10

Static

static

5

f3bd23573e...18.exe

windows7-x64

10

f3bd23573e...18.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    f3bd23573e86859f7e9d63f5262e126e_JaffaCakes118

  • Size

    630KB

  • Sample

    240924-qpxxwszemg

  • MD5

    f3bd23573e86859f7e9d63f5262e126e

  • SHA1

    427386bd834f1211075eb7b21caa5b3903d0fdaa

  • SHA256

    7c81cb05818dd4426055f9a3fa854b6c7dd914b05f657c3dcaee6a9bb08a340a

  • SHA512

    bf84e28d041dda0779d957e1f325b0b450e85eb616b5c33564422932015611b5d68371094e15585d17fefbe6b7ab60d382c23355b1f926c8e5245e59da10a5d6

  • SSDEEP

    12288:YHLUMuiv9RgfSjAzRtyQpdawEtX6Yq8RwXDR7gcoVb2ISC:itARXGwERRqTzR7gVb2IH

Score
10/10
modiloaderdiscoveryevasiontrojanupx

Malware Config

Targets

    • Target

      f3bd23573e86859f7e9d63f5262e126e_JaffaCakes118

    • Size

      630KB

    • MD5

      f3bd23573e86859f7e9d63f5262e126e

    • SHA1

      427386bd834f1211075eb7b21caa5b3903d0fdaa

    • SHA256

      7c81cb05818dd4426055f9a3fa854b6c7dd914b05f657c3dcaee6a9bb08a340a

    • SHA512

      bf84e28d041dda0779d957e1f325b0b450e85eb616b5c33564422932015611b5d68371094e15585d17fefbe6b7ab60d382c23355b1f926c8e5245e59da10a5d6

    • SSDEEP

      12288:YHLUMuiv9RgfSjAzRtyQpdawEtX6Yq8RwXDR7gcoVb2ISC:itARXGwERRqTzR7gVb2IH

    Score
    10/10
    modiloaderdiscoveryevasiontrojanupx

    • ModiLoader, DBatLoader

      ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.

      trojanmodiloader

    • UAC bypass

      evasiontrojan

    • ModiLoader Second Stage

    • Loads dropped DLL

    • Checks whether UAC is enabled

      evasiontrojan

    • AutoIT Executable

      AutoIT scripts compiled to PE executables.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks