General

  • Target

    JaffaCakes118_7bb6160b699c391828bb0603168f66cf

  • Size

    108KB

  • Sample

    250104-zpnhwswrhs

  • MD5

    7bb6160b699c391828bb0603168f66cf

  • SHA1

    e4aef22388bbe8b17c0201334bd6fdcab3e5c6f9

  • SHA256

    7ea1a8f30d8f80c4034968dbfcd35230682dfd1d63629a681119f4a2fea2ee02

  • SHA512

    184d55bf5221008cf10c1327e843ca6eecd68fb01c4f763426554e6eb90204d9e4d61dc976639d5441071f5b55db95dfb1f82071ced69a75734ca02d19fb8185

  • SSDEEP

    1536:CVuNAXTj4Fj/91/NnLZqeWEPVpa8DzePjkgcwYS7S5+Vfk09+2BkVupb7nouy8:Aoy8j7VnNdrPHaSekwi+mW+2eVuJout

Malware Config

Targets

    • Target

      JaffaCakes118_7bb6160b699c391828bb0603168f66cf

    • Size

      108KB

    • MD5

      7bb6160b699c391828bb0603168f66cf

    • SHA1

      e4aef22388bbe8b17c0201334bd6fdcab3e5c6f9

    • SHA256

      7ea1a8f30d8f80c4034968dbfcd35230682dfd1d63629a681119f4a2fea2ee02

    • SHA512

      184d55bf5221008cf10c1327e843ca6eecd68fb01c4f763426554e6eb90204d9e4d61dc976639d5441071f5b55db95dfb1f82071ced69a75734ca02d19fb8185

    • SSDEEP

      1536:CVuNAXTj4Fj/91/NnLZqeWEPVpa8DzePjkgcwYS7S5+Vfk09+2BkVupb7nouy8:Aoy8j7VnNdrPHaSekwi+mW+2eVuJout

    • ModiLoader, DBatLoader

      ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.

    • Modiloader family

    • UAC bypass

    • ModiLoader Second Stage

    • Loads dropped DLL

    • Checks whether UAC is enabled

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks