General

  • Target

    JaffaCakes118_537b721d960ce3319156409c8dd4fd90

  • Size

    4.3MB

  • Sample

    250115-ls4gmayqbz

  • MD5

    537b721d960ce3319156409c8dd4fd90

  • SHA1

    52c3bc8bfa0e74d37dad7bead86b895c93669428

  • SHA256

    22f5967085d28b79dfa37b70707d1f1aa68887677301fb98237b49e13e56f56d

  • SHA512

    78be24b66965bbaa92380ded074f14c51795492f113f43ea77d73c5d8b0c0f1503573232e1f2710979272f3d78a80e899db4a3485ea99db0bc32833c93521946

  • SSDEEP

    24576:GEf7wqJoqeH1h+QUnws0MrnHsjofFsZeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeg:GssqJU0T0MrnHIofOEoTI4qUAZGiUk

Malware Config

Targets

    • Target

      JaffaCakes118_537b721d960ce3319156409c8dd4fd90


    • ModiLoader, DBatLoader

      ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.

    • Modiloader family

    • UAC bypass

    • ModiLoader Second Stage

    • Deletes itself

    • Executes dropped EXE

    • Adds Run key to start application

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v15

Tasks
