Overview

overview

10

Static

static

5

003d0b4c52...18.exe

windows7-x64

10

003d0b4c52...18.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    003d0b4c523795967627364944ab783e_JaffaCakes118

  • Size

    109KB

  • Sample

    240930-jnqnvsyarf

  • MD5

    003d0b4c523795967627364944ab783e

  • SHA1

    10aad6d2dc53e0d0e2d0378fc533e617f42a492e

  • SHA256

    0db16703c4788c2b2723de83938360e75412fb594d25e333645cd3f131ff097a

  • SHA512

    4e754d4997ae678f43e68385f2cf5eac61700d91852df9f02a71017f9b1011f15905c3c22a82a8fe7eff85c65b309bda520f6273f5795ca17d6b91d7bb1cca4c

  • SSDEEP

    3072:zeovXPoYcswp7Uclw3BwQaq9NUiuvM12Cout:qovQYjwpU8OB3aq7avK2CoS

Score
10/10
modiloaderdiscoveryevasiontrojanupx

Malware Config

Targets

    • Target

      003d0b4c523795967627364944ab783e_JaffaCakes118

    • Size

      109KB

    • MD5

      003d0b4c523795967627364944ab783e

    • SHA1

      10aad6d2dc53e0d0e2d0378fc533e617f42a492e

    • SHA256

      0db16703c4788c2b2723de83938360e75412fb594d25e333645cd3f131ff097a

    • SHA512

      4e754d4997ae678f43e68385f2cf5eac61700d91852df9f02a71017f9b1011f15905c3c22a82a8fe7eff85c65b309bda520f6273f5795ca17d6b91d7bb1cca4c

    • SSDEEP

      3072:zeovXPoYcswp7Uclw3BwQaq9NUiuvM12Cout:qovQYjwpU8OB3aq7avK2CoS

    Score
    10/10
    modiloaderdiscoveryevasiontrojanupx

    • ModiLoader, DBatLoader

      ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.

      trojanmodiloader

    • UAC bypass

      evasiontrojan

    • ModiLoader Second Stage

    • Loads dropped DLL

    • Checks whether UAC is enabled

      evasiontrojan

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks