Overview

overview

10

Static

static

3

cfd10bb8e8...18.exe

windows7-x64

10

cfd10bb8e8...18.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    cfd10bb8e82cf51ce338a20ab5ac44af_JaffaCakes118

  • Size

    151KB

  • Sample

    240906-skstgsshjj

  • MD5

    cfd10bb8e82cf51ce338a20ab5ac44af

  • SHA1

    fc7bd479a0b3a0244af43af6f573aa4caa0cd18e

  • SHA256

    06ae0cf3222269864357705c8cb85a8c16963de38490d03c729c66bc0d1681e9

  • SHA512

    e0ab95d42fe415a20300f6d811e9525775498f23916e17c67852ef351f83a743c261a532f9e98e074fc34c8a66a55a3faecc3bce3a87f09d80958908653269ee

  • SSDEEP

    1536:cVZfqCLskhREOY2xuwq1+8SN+nHrSeuDJ+j8uThxIg7O3BDf1j4ydEGxBY3+7EpG:cVZSC3XYvVk8SNyB8+7FC3BdCJiH

Score
10/10
modiloaderdiscoverytrojan

Malware Config

Targets

    • Target

      cfd10bb8e82cf51ce338a20ab5ac44af_JaffaCakes118

    • Size

      151KB

    • MD5

      cfd10bb8e82cf51ce338a20ab5ac44af

    • SHA1

      fc7bd479a0b3a0244af43af6f573aa4caa0cd18e

    • SHA256

      06ae0cf3222269864357705c8cb85a8c16963de38490d03c729c66bc0d1681e9

    • SHA512

      e0ab95d42fe415a20300f6d811e9525775498f23916e17c67852ef351f83a743c261a532f9e98e074fc34c8a66a55a3faecc3bce3a87f09d80958908653269ee

    • SSDEEP

      1536:cVZfqCLskhREOY2xuwq1+8SN+nHrSeuDJ+j8uThxIg7O3BDf1j4ydEGxBY3+7EpG:cVZSC3XYvVk8SNyB8+7FC3BdCJiH

    Score
    10/10
    modiloaderdiscoverytrojan

    • ModiLoader, DBatLoader

      ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.

      trojanmodiloader

    • ModiLoader Second Stage

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks