General

  • Target

    5be77c54c81dd92849a2552527882c85_JaffaCakes118

  • Size

    371KB

  • Sample

    240519-2vz5zsff61

  • MD5

    5be77c54c81dd92849a2552527882c85

  • SHA1

    efa17682e6b06358b9ff345ab1bc841e1b86d73b

  • SHA256

    d20b3aebf25096efce7a59a3b2bf09465668731d39ca8f8145378e079ff700e8

  • SHA512

    c0769c117b857a537e7520cb4402a4dd89f730aa14a060088abd85ed0c1678f4254b4dd4a5fb0008b3dcd9ccab31fe73d31010d3bc55f017e7541e95871328d3

  • SSDEEP

    6144:KDKFyWBwhsrZiBhnkxEG/XPz4iBt3iPR3FDrobe8m6IF6ep3o6whZ5Vd5Up:KDUyWypzk7X7ZORVwC8m/F/3o6whZXr6

Score
10/10

Malware Config

Extracted

  • Family

    modiloader

  • C2

    https://cdn.discordapp.com/attachments/753549570230976536/755287116593758208/Dmoqggd

Targets

    • Target

      Epsonscan 6000735873898737338898383889838993930993003039383.exe

    • Size

      909KB

    • MD5

      292674c1d2579fb41017413d7d204eba

    • SHA1

      5605a97858985e892f32c479d1e9fe614edd3a8f

    • SHA256

      74bfe12181435ac80211c35fb1aa7955965d252ea6db5d12576a21d2590f7596

    • SHA512

      244cbb53b5f39cc497e0d7cae73c575a8c8e7a5f64b89ce5c7dc377c314a6e15e51af043c57b383feec031e3660c1c3450bdc4a34e6db9d9867f362fdce2437a

    • SSDEEP

      24576:bK5hBlSW8pFD6iDIeT2p5c2bSO9vWVa1J:bK58W8fT2Px8g

    Score
    10/10

    • ModiLoader, DBatLoader

      ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.

    • ModiLoader First Stage

MITRE ATT&CK Matrix (ATT&CK v13)

Defense Evasion

  • Subvert Trust Controls (1)

    T1553

  • Install Root Certificate (1)

    T1553.004

  • Modify Registry (1)

    T1112

Tasks