Overview

overview

10

Static

static

5

02ec8ac741...18.exe

windows7-x64

10

02ec8ac741...18.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    02ec8ac741d52fa6b4ebf7be0801b8b9_JaffaCakes118

  • Size

    219KB

  • Sample

    240930-x5ke3a1fmj

  • MD5

    02ec8ac741d52fa6b4ebf7be0801b8b9

  • SHA1

    f096d612358da0c1c353214eefe3b824b681f46b

  • SHA256

    e51bae6aa18fbfac219d04b9d64e656e5d23b1624c3b126c12d0fd7570ce9b87

  • SHA512

    3f909661ae687d3ae6b2a219e5980366254c38e76c040f16d59ba027078815e5f0e65734bad504f62a61ccb0601e220f6a64a2a979fe2e469b97514aa9ad8f16

  • SSDEEP

    6144:J8jZ7rvaU3+mWrxPdbYBoSoWLmQYchWMYfCe1yRGBS6egB:JeFzF6NYBoShLHYnfHyRuS6tB

Score
10/10
modiloaderdiscoveryevasiontrojanupx

Malware Config

Targets

    • Target

      02ec8ac741d52fa6b4ebf7be0801b8b9_JaffaCakes118

    • Size

      219KB

    • MD5

      02ec8ac741d52fa6b4ebf7be0801b8b9

    • SHA1

      f096d612358da0c1c353214eefe3b824b681f46b

    • SHA256

      e51bae6aa18fbfac219d04b9d64e656e5d23b1624c3b126c12d0fd7570ce9b87

    • SHA512

      3f909661ae687d3ae6b2a219e5980366254c38e76c040f16d59ba027078815e5f0e65734bad504f62a61ccb0601e220f6a64a2a979fe2e469b97514aa9ad8f16

    • SSDEEP

      6144:J8jZ7rvaU3+mWrxPdbYBoSoWLmQYchWMYfCe1yRGBS6egB:JeFzF6NYBoShLHYnfHyRuS6tB

    Score
    10/10
    modiloaderdiscoveryevasiontrojanupx

    • ModiLoader, DBatLoader

      ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.

      trojanmodiloader

    • UAC bypass

      evasiontrojan

    • ModiLoader Second Stage

    • Loads dropped DLL

    • Checks whether UAC is enabled

      evasiontrojan

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks