Overview

overview

10

Static

static

5

b891f782e8...18.exe

windows7-x64

10

b891f782e8...18.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    b891f782e83078d79fe92ba928092d39_JaffaCakes118

  • Size

    110KB

  • Sample

    241202-rdkc4aslgq

  • MD5

    b891f782e83078d79fe92ba928092d39

  • SHA1

    bd511c4c9a0581672b9bddfe326afb08b96a9576

  • SHA256

    be72751e6ffc1b7a5f4cf059a4d7ec4e26a8c0ee7b7dd16805663f95a0e54e24

  • SHA512

    9091f7ca557787c0e9987a8585e87c14729393ee8994be3e04c04bcab8a8909b7a7d69fb47374e349f3f91cb1147870bdb54d9d2f3f64c70e3f11a090bf02e16

  • SSDEEP

    3072:Moy8j7VnNdrPHaSekwi+mWS3wBJHSRqYout+:88jZ7rvaU3+mWS3wTy3oS

Score
10/10
modiloaderdiscoveryevasiontrojanupx

Malware Config

Targets

    • Target

      b891f782e83078d79fe92ba928092d39_JaffaCakes118

    • Size

      110KB

    • MD5

      b891f782e83078d79fe92ba928092d39

    • SHA1

      bd511c4c9a0581672b9bddfe326afb08b96a9576

    • SHA256

      be72751e6ffc1b7a5f4cf059a4d7ec4e26a8c0ee7b7dd16805663f95a0e54e24

    • SHA512

      9091f7ca557787c0e9987a8585e87c14729393ee8994be3e04c04bcab8a8909b7a7d69fb47374e349f3f91cb1147870bdb54d9d2f3f64c70e3f11a090bf02e16

    • SSDEEP

      3072:Moy8j7VnNdrPHaSekwi+mWS3wBJHSRqYout+:88jZ7rvaU3+mWS3wTy3oS

    Score
    10/10
    modiloaderdiscoveryevasiontrojanupx

    • ModiLoader, DBatLoader

      ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.

      trojanmodiloader

    • Modiloader family

      modiloader

    • UAC bypass

      evasiontrojan

    • ModiLoader Second Stage

    • Loads dropped DLL

    • Checks whether UAC is enabled

      evasiontrojan

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks