Overview

overview

10

Static

static

5

JaffaCakes...50.exe

windows7-x64

10

JaffaCakes...50.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_57a413264c845ba3f562914d32b20c50

  • Size

    107KB

  • Sample

    250101-q611waxjhs

  • MD5

    57a413264c845ba3f562914d32b20c50

  • SHA1

    3b9ae14f059d168a38198d5c57b7706c0de86d91

  • SHA256

    03fe5f90adcf3acc3840cbb076210c62d7c9ad50fb2eac18645c5615b7cdcc18

  • SHA512

    7786f34b6abd56dcc561e9ba538e89b6175bd39ad8ae6e3e2f6b4a23c8571c9a780fd276a68c621ce88c210d0cf7028570d85e84bd9c12a164c67f2d19423f26

  • SSDEEP

    3072:L1+MJKrUnFYY5z1i0Nmbi5fJBNcgKdout:JIrPj0NmWtNcgKdoS

Score
10/10
modiloaderdiscoveryevasiontrojanupx

Malware Config

Targets

    • Target

      JaffaCakes118_57a413264c845ba3f562914d32b20c50

    • Size

      107KB

    • MD5

      57a413264c845ba3f562914d32b20c50

    • SHA1

      3b9ae14f059d168a38198d5c57b7706c0de86d91

    • SHA256

      03fe5f90adcf3acc3840cbb076210c62d7c9ad50fb2eac18645c5615b7cdcc18

    • SHA512

      7786f34b6abd56dcc561e9ba538e89b6175bd39ad8ae6e3e2f6b4a23c8571c9a780fd276a68c621ce88c210d0cf7028570d85e84bd9c12a164c67f2d19423f26

    • SSDEEP

      3072:L1+MJKrUnFYY5z1i0Nmbi5fJBNcgKdout:JIrPj0NmWtNcgKdoS

    Score
    10/10
    modiloaderdiscoveryevasiontrojanupx

    • ModiLoader, DBatLoader

      ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.

      trojanmodiloader

    • Modiloader family

      modiloader

    • UAC bypass

      evasiontrojan

    • ModiLoader Second Stage

    • Loads dropped DLL

    • Checks whether UAC is enabled

      evasiontrojan

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks