Overview

overview

10

Static

static

3

f7baeaa0bd...18.exe

windows7-x64

10

f7baeaa0bd...18.exe

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    f7baeaa0bd8f16d00d7854732883e76c_JaffaCakes118

  • Size

    1.8MB

  • Sample

    240926-gtfpqs1frk

  • MD5

    f7baeaa0bd8f16d00d7854732883e76c

  • SHA1

    7e67b0156090464545b26f3f1421871904825426

  • SHA256

    5cc32ba90b5625faf45d2876e9548102f80fd473eac861bf9c495ba995d4f512

  • SHA512

    e319fcdddcf14f2a5a569020de9c81a3c4b61e381cc5fee7838f5c651a5b8948713482542283b5fc37b75315bbe45aa631edc64f3a0aa4371e27f68e0d9f7907

  • SSDEEP

    49152:KKbnbMPiknDO5i8Rh1g4VkTlVjsEtCV3mXvV:KKbbMPfnDO5iahq47EtC8X

Score
10/10
modiloaderdiscoveryevasiontrojan

Malware Config

Targets

    • Target

      f7baeaa0bd8f16d00d7854732883e76c_JaffaCakes118

    • Size

      1.8MB

    • MD5

      f7baeaa0bd8f16d00d7854732883e76c

    • SHA1

      7e67b0156090464545b26f3f1421871904825426

    • SHA256

      5cc32ba90b5625faf45d2876e9548102f80fd473eac861bf9c495ba995d4f512

    • SHA512

      e319fcdddcf14f2a5a569020de9c81a3c4b61e381cc5fee7838f5c651a5b8948713482542283b5fc37b75315bbe45aa631edc64f3a0aa4371e27f68e0d9f7907

    • SSDEEP

      49152:KKbnbMPiknDO5i8Rh1g4VkTlVjsEtCV3mXvV:KKbbMPfnDO5iahq47EtC8X

    Score
    10/10
    modiloaderdiscoveryevasiontrojan

    • ModiLoader, DBatLoader

      ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.

      trojanmodiloader

    • UAC bypass

      evasiontrojan

    • ModiLoader Second Stage

    • Loads dropped DLL

    • Checks whether UAC is enabled

      evasiontrojan
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks