Overview

overview

10

Static

static

10

cf9aeb18c6...18.exe

windows7-x64

10

cf9aeb18c6...18.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    cf9aeb18c6eb40a7d9d6a053711e2658_JaffaCakes118

  • Size

    748KB

  • Sample

    240906-qdp3xaydpd

  • MD5

    cf9aeb18c6eb40a7d9d6a053711e2658

  • SHA1

    90ebbc2fa9c22cbec6420e848ee52c779fa75763

  • SHA256

    b4ee08f63d225a682a094fda9c9039ecd322eb4d6065a5b37e800f1028439af0

  • SHA512

    5ad63560b6cd56458566a79f5bcbe66b57e978334629c3a7154fee7cdbce372e7f3768117cf72b8b1f2bb48a5dc5556f5637b09d75d383bf5f1f9228041974cb

  • SSDEEP

    12288:wvg64Fv5eHdURHYJvEFq9vGZFstxRGN3KX58PqmH4wATHWdXK:yFIedUR4N99vGT0yNapKYwATH5

Score
10/10
modiloaderdiscoverytrojan

Malware Config

Targets

    • Target

      cf9aeb18c6eb40a7d9d6a053711e2658_JaffaCakes118

    • Size

      748KB

    • MD5

      cf9aeb18c6eb40a7d9d6a053711e2658

    • SHA1

      90ebbc2fa9c22cbec6420e848ee52c779fa75763

    • SHA256

      b4ee08f63d225a682a094fda9c9039ecd322eb4d6065a5b37e800f1028439af0

    • SHA512

      5ad63560b6cd56458566a79f5bcbe66b57e978334629c3a7154fee7cdbce372e7f3768117cf72b8b1f2bb48a5dc5556f5637b09d75d383bf5f1f9228041974cb

    • SSDEEP

      12288:wvg64Fv5eHdURHYJvEFq9vGZFstxRGN3KX58PqmH4wATHWdXK:yFIedUR4N99vGT0yNapKYwATH5

    Score
    10/10
    modiloaderdiscoverytrojan

    • ModiLoader, DBatLoader

      ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.

      trojanmodiloader

    • ModiLoader Second Stage

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks