General

  • Target

    JaffaCakes118_01eb4a78930636cb6fb0b3e3047ead4b

  • Size

    313KB

  • Sample

    250111-2zbyystmcy

  • MD5

    01eb4a78930636cb6fb0b3e3047ead4b

  • SHA1

    2872242ca0ddfc807aaa95b7190c5f8fdac9ed9a

  • SHA256

    115dad689d9cac8647731d2e7db4c42c6f74fd79d9b51a3d02781c198a1d8627

  • SHA512

    9bc30a5fb7fa6861e1072224521c9ec5a073c54c8ce2f3d4577ea5cfb2f17f45e5192c782230d4cb51bf81f6ec5b8fbe5dc9e280e6543367b5369e47f203fc56

  • SSDEEP

    6144:p2aWf5JjWbj9iANWwN8W3PbI5WC3O2XFIMuhJsCocGvYsZSV4fNd7AoS8:kaWf5wbjIs9+W3P6TtVChJ5GgsZS+1AO

Malware Config

Targets

    • Target

      JaffaCakes118_01eb4a78930636cb6fb0b3e3047ead4b

    • ModiLoader, DBatLoader

      ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.

    • Modiloader family

    • ModiLoader Second Stage

    • Drops file in System32 directory

    • Suspicious use of SetThreadContext

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified UPX build.
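
The signatures above combine static indicators (the file hashes and the UPX packing) with behavioural ones observed in the sandbox (the System32 drop and the SetThreadContext call). As an added example, not part of the sandbox report or the vendor's tooling, the script below performs the static half of that triage offline: it hashes a file and compares the digests with the IOC hashes listed in this report, and it walks the PE section table looking for the UPX0/UPX1 section names (with a per-section entropy value as a fallback, since modified UPX builds frequently rename the sections). The `build_fake_pe` helper and its section list are constructed test data, not bytes from the sample.

```python
"""Static triage helper for the report above (added example, constructed for this page).

Compares a file's hashes with the report's IOC hashes and checks the PE section
table for UPX section names. It does NOT reproduce the dynamic signatures
(System32 drop, SetThreadContext); those need a sandbox run.
"""
import hashlib
import math
import struct
import sys

# IOC hashes copied from the report above.
IOC = {
    "md5": "01eb4a78930636cb6fb0b3e3047ead4b",
    "sha1": "2872242ca0ddfc807aaa95b7190c5f8fdac9ed9a",
    "sha256": "115dad689d9cac8647731d2e7db4c42c6f74fd79d9b51a3d02781c198a1d8627",
    "sha512": "9bc30a5fb7fa6861e1072224521c9ec5a073c54c8ce2f3d4577ea5cfb2f17f45"
              "e5192c782230d4cb51bf81f6ec5b8fbe5dc9e280e6543367b5369e47f203fc56",
}


def hash_bytes(data: bytes) -> dict:
    """Return hex digests keyed by algorithm, same keys as IOC."""
    return {algo: hashlib.new(algo, data).hexdigest() for algo in IOC}


def shannon_entropy(buf: bytes) -> float:
    """Bits per byte; ~8.0 for compressed/encrypted data, 0.0 for empty input."""
    if not buf:
        return 0.0
    counts = [0] * 256
    for b in buf:
        counts[b] += 1
    n = len(buf)
    return -sum(c / n * math.log2(c / n) for c in counts if c)


def pe_sections(data: bytes) -> list:
    """Parse the PE section table (name, raw size/offset, entropy). [] if not a PE."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        return []
    pe_off = struct.unpack_from("<I", data, 0x3C)[0]
    if data[pe_off:pe_off + 4] != b"PE\0\0":
        return []
    # COFF header follows the signature: NumberOfSections at +2, SizeOfOptionalHeader at +16.
    nsec = struct.unpack_from("<H", data, pe_off + 6)[0]
    opt_size = struct.unpack_from("<H", data, pe_off + 20)[0]
    table = pe_off + 24 + opt_size          # 4 (sig) + 20 (COFF) + optional header
    sections = []
    for i in range(nsec):
        off = table + 40 * i                # IMAGE_SECTION_HEADER is 40 bytes
        if off + 40 > len(data):
            break
        name, _vsize, _vaddr, raw_size, raw_ptr = struct.unpack_from("<8sIIII", data, off)
        body = data[raw_ptr:raw_ptr + raw_size]
        sections.append({
            "name": name.rstrip(b"\0").decode("ascii", "replace"),
            "raw_size": raw_size,
            "raw_ptr": raw_ptr,
            "entropy": round(shannon_entropy(body), 2),
        })
    return sections


def pe_section_names(data: bytes) -> list:
    return [s["name"] for s in pe_sections(data)]


def upx_section_names(names) -> list:
    """Stock UPX names its sections UPX0/UPX1 (and sometimes UPX2)."""
    return [n for n in names if n.upper().startswith("UPX")]


def triage(data: bytes) -> dict:
    hashes = hash_bytes(data)
    names = pe_section_names(data)
    upx = upx_section_names(names)
    return {
        "hashes": hashes,
        "matches_ioc": hashes == IOC,   # every listed digest must agree
        "sections": pe_sections(data),
        "upx_sections": upx,
        "looks_upx_packed": bool(upx),
    }


def build_fake_pe(section_names, opt_size=0xE0) -> bytes:
    """Constructed minimal PE image for testing; headers only, no code."""
    e_lfanew = 0x80
    dos = (b"MZ" + b"\0" * (0x3C - 2) + struct.pack("<I", e_lfanew)).ljust(e_lfanew, b"\0")
    coff = struct.pack("<HHIIIHH", 0x14C, len(section_names), 0, 0, 0, opt_size, 0x102)
    secs = b"".join(n.encode().ljust(8, b"\0") + b"\0" * 32 for n in section_names)
    return dos + b"PE\0\0" + coff + b"\0" * opt_size + secs


if __name__ == "__main__":
    blob = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else build_fake_pe(["UPX0", "UPX1", ".rsrc"])
    for key, value in triage(blob).items():
        print(key, value)
```

Run it with the sample path as the only argument; with no argument it triages the constructed image. A `looks_upx_packed` of False is not proof the file is unpacked: a modified UPX can rename its sections, which is why the per-section entropy is reported, and a hash match confirms only that you have this exact file, not the family, so a fuzzy comparison against the SSDEEP value above is the right tool for near variants.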

MITRE ATT&CK Enterprise v15

Tasks