Overview

overview

10

Static

static

5

f143251c45...18.exe

windows7-x64

10

f143251c45...18.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    f143251c45d8ce6aa9833f9c76666c8b_JaffaCakes118

  • Size

    130KB

  • Sample

    241214-3pkc1sxpft

  • MD5

    f143251c45d8ce6aa9833f9c76666c8b

  • SHA1

    04dd85091a22677c089103b8cf978f5f8669f4c1

  • SHA256

    fa9313afbf1574b61ff304c1bc23b9fce5008dde68e72c604325dad424bca0b1

  • SHA512

    427ea34134d91cfb63e7e9363ce20edc53e1e98c79fb08ff401d1134499c675cd607737b4c304a9d6a5f1c2bf508cd8fde51a2219e1b73831accc9e8cdc57a4d

  • SSDEEP

    3072:coy8j7VnNdrPHaSekwi+mWRBjs/EIkAoutJ24ofYRxYv0sLpMU4Hb:M8jZ7rvaU3+mWR1nIkAoScLh4H

Score
10/10
modiloaderdiscoveryevasiontrojanupx

Malware Config

Targets

    • Target

      f143251c45d8ce6aa9833f9c76666c8b_JaffaCakes118

    • Size

      130KB

    • MD5

      f143251c45d8ce6aa9833f9c76666c8b

    • SHA1

      04dd85091a22677c089103b8cf978f5f8669f4c1

    • SHA256

      fa9313afbf1574b61ff304c1bc23b9fce5008dde68e72c604325dad424bca0b1

    • SHA512

      427ea34134d91cfb63e7e9363ce20edc53e1e98c79fb08ff401d1134499c675cd607737b4c304a9d6a5f1c2bf508cd8fde51a2219e1b73831accc9e8cdc57a4d

    • SSDEEP

      3072:coy8j7VnNdrPHaSekwi+mWRBjs/EIkAoutJ24ofYRxYv0sLpMU4Hb:M8jZ7rvaU3+mWR1nIkAoScLh4H

    Score
    10/10
    modiloaderdiscoveryevasiontrojanupx

    • ModiLoader, DBatLoader

      ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.

      trojanmodiloader

    • Modiloader family

      modiloader

    • UAC bypass

      evasiontrojan

    • ModiLoader Second Stage

    • Loads dropped DLL

    • Checks whether UAC is enabled

      evasiontrojan

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks