General
Target: f85bc7a11b13551c79a76b7aae3b4300_JaffaCakes118
Size: 108KB
Sample: 240926-phhzqawgrl
MD5: f85bc7a11b13551c79a76b7aae3b4300
SHA1: c3c5188ddd559baee9f5b8f2b915f55b8d6ecf05
SHA256: d896cdee997280bf61a16aad0c60450fd5907d23561ce5c8b95c5a92492ed705
SHA512: c93b4b7e432a345c16719d5c6c95484ecef9b1cbf4b4437465624ba4ff74d75ab2948cadcb1a21232976ba983dca190f1520799b78459a077ee7873ea35c45c3
SSDEEP: 3072:Moy8j7VnNdrPHaSekwi+mW+2P1aAk5Hdout:88jZ7rvaU3+mWrPwAk59oS
Behavioral task: behavioral1
Sample: f85bc7a11b13551c79a76b7aae3b4300_JaffaCakes118.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: f85bc7a11b13551c79a76b7aae3b4300_JaffaCakes118.exe
Resource: win10v2004-20240802-en
Malware Config
Targets
Target: f85bc7a11b13551c79a76b7aae3b4300_JaffaCakes118
Size: 108KB
Score: 10/10
ModiLoader, DBatLoader
ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
ModiLoader Second Stage
Loads dropped DLL
MITRE ATT&CK Enterprise v15
Privilege Escalation
Abuse Elevation Control Mechanism: 1
Bypass User Account Control: 1
Defense Evasion
Abuse Elevation Control Mechanism: 1
Bypass User Account Control: 1
Impair Defenses: 1
Disable or Modify Tools: 1
Modify Registry: 2