Overview

overview

10

Static

static

5

f996514e66...18.exe

windows7-x64

10

f996514e66...18.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    f996514e6694938d7caeb47a2f42e38b_JaffaCakes118

  • Size

    108KB

  • Sample

    240927-dhlvtsvdjf

  • MD5

    f996514e6694938d7caeb47a2f42e38b

  • SHA1

    812ff000031ade9356fa7adae53f75847a420dff

  • SHA256

    ca7cc97666cdc8c1003ad2b4f58b908e40e7ce1dbc46abd6545bedb5e3984afa

  • SHA512

    92596640a326811d94ab8375229cb4508e5bb0196d1067643b26c03a9796bb3dfef191f924fed0a1c9c151a410aff2f48dcd34d060f8e8918b3557df03b82697

  • SSDEEP

    3072:peovXPoYcswp7Uclw3BwQaq9NUiuvc31eUTEd74gXAout:IovQYjwpU8OB3aq7avc31eUTE8oS

Score
10/10
modiloaderdiscoveryevasiontrojanupx

Malware Config

Targets

    • Target

      f996514e6694938d7caeb47a2f42e38b_JaffaCakes118

    • Size

      108KB

    • MD5

      f996514e6694938d7caeb47a2f42e38b

    • SHA1

      812ff000031ade9356fa7adae53f75847a420dff

    • SHA256

      ca7cc97666cdc8c1003ad2b4f58b908e40e7ce1dbc46abd6545bedb5e3984afa

    • SHA512

      92596640a326811d94ab8375229cb4508e5bb0196d1067643b26c03a9796bb3dfef191f924fed0a1c9c151a410aff2f48dcd34d060f8e8918b3557df03b82697

    • SSDEEP

      3072:peovXPoYcswp7Uclw3BwQaq9NUiuvc31eUTEd74gXAout:IovQYjwpU8OB3aq7avc31eUTE8oS

    Score
    10/10
    modiloaderdiscoveryevasiontrojanupx

    • ModiLoader, DBatLoader

      ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.

      trojanmodiloader

    • UAC bypass

      evasiontrojan

    • ModiLoader Second Stage

    • Loads dropped DLL

    • Checks whether UAC is enabled

      evasiontrojan

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks