General

  • Target

    JaffaCakes118_182f0cba2ea89510353dba7f6d9cb25b

  • Size

    317KB

  • Sample

    250123-ryphjstrar

  • MD5

    182f0cba2ea89510353dba7f6d9cb25b

  • SHA1

    63fd1c79346664e4fe4c04c0a276dce5ac30954f

  • SHA256

    dc76ce45f682cd12dfc318236a1cce53ba7845e3eded8ff100391d53a4dafb26

  • SHA512

    c522755a0af9e77c12459f0b3fd8b521a18366f59cc15d513b93e9a8296296968e899d483af78a8def21067d2fe1a3072599b32b972e5e1d40aefa15530b3c53

  • SSDEEP

    6144:kgc//////Gkt/K5mYzAwrTtwEnkb03af0W0oDTvBJ0cjuu74o1Zb1vU9MiCK3urI:jc//////Njb0TWEnnaNDTpycFjJvGCK7

Malware Config

Targets

    • Target

      JaffaCakes118_182f0cba2ea89510353dba7f6d9cb25b

    • ModiLoader, DBatLoader

      ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.

    • Modiloader family

    • ModiLoader Second Stage

    • Drops file in System32 directory

    • Suspicious use of SetThreadContext

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15