Overview

overview

10

Static

static

3

94461b9798...18.exe

windows7-x64

10

94461b9798...18.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    94461b9798305bf7f2b4d6ad5d444491_JaffaCakes118

  • Size

    595KB

  • Sample

    240813-xax3nsvcjp

  • MD5

    94461b9798305bf7f2b4d6ad5d444491

  • SHA1

    2d76cd3a4c795272740c64cdfedfdcab0da52f12

  • SHA256

    a8de479be64f9eb78e36bbd1c87a00999577f4d3f515bf05796a173a9502fac0

  • SHA512

    d6af43a026da11cb01a73423129b5194f158e76ff7b62f199f58a5bf592d2368dfbf84d0d923faa78fe937b0b51734358995af0ab5d6a8e90aa0974ef8e5aee3

  • SSDEEP

    12288:e/zQayHZOA8GaUV/nKBCY8oAv8+7/F3Z4mxxoYihUB1mq5Yth:e70HBday/nKcY40+LQmXo/Q4q5Kh

Score
10/10
modiloaderdiscoverytrojan

Malware Config

Targets

    • Target

      94461b9798305bf7f2b4d6ad5d444491_JaffaCakes118

    • Size

      595KB

    • MD5

      94461b9798305bf7f2b4d6ad5d444491

    • SHA1

      2d76cd3a4c795272740c64cdfedfdcab0da52f12

    • SHA256

      a8de479be64f9eb78e36bbd1c87a00999577f4d3f515bf05796a173a9502fac0

    • SHA512

      d6af43a026da11cb01a73423129b5194f158e76ff7b62f199f58a5bf592d2368dfbf84d0d923faa78fe937b0b51734358995af0ab5d6a8e90aa0974ef8e5aee3

    • SSDEEP

      12288:e/zQayHZOA8GaUV/nKBCY8oAv8+7/F3Z4mxxoYihUB1mq5Yth:e70HBday/nKcY40+LQmXo/Q4q5Kh

    Score
    10/10
    modiloaderdiscoverytrojan

    • ModiLoader, DBatLoader

      ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.

      trojanmodiloader

    • ModiLoader Second Stage

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks