General

  • Target

    JaffaCakes118_6cab604c33d0bfb4987c4ad894fe6dbc

  • Size

    291KB

  • Sample

    250103-ps4deatpft

  • MD5

    6cab604c33d0bfb4987c4ad894fe6dbc

  • SHA1

    9564d7537064c1930b18a286e4dec84831f826b9

  • SHA256

    329e3590b67ba305e571b5aa7e9eb37cfc09b3e6b94954763268a84d4a0c8b0b

  • SHA512

    2b2b252895fc3d7a05a176128da718505a177479dcff5a66a49662f664428f3fac3140e2fc7bf823310e8438b414eef0c97fb2a3ef1a3d286ceaa9ed6da7ede9

  • SSDEEP

    3072:eoy8j7VnNdrPHaSekwi+mWniNq8out84sGaslbW1fAxzUrkILJJ:+8jZ7rvaU3+mW2q8oSxslFiz4L

Malware Config

Targets

    • ModiLoader, DBatLoader

      ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.

    • Modiloader family

    • UAC bypass

    • ModiLoader Second Stage

    • Loads dropped DLL

    • Checks whether UAC is enabled

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks