Overview

overview

10

Static

static

3

d1d6990232...18.exe

windows7-x64

10

d1d6990232...18.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    d1d6990232187ba0696aa557174d9c2e_JaffaCakes118

  • Size

    1.0MB

  • Sample

    240907-npnm4sscjq

  • MD5

    d1d6990232187ba0696aa557174d9c2e

  • SHA1

    0536eed7d9b7b6cdffda81cd0dd0c2a0d09dc633

  • SHA256

    2b783c808417ebde6624add0632bdb8bf2251ff45afe1b31992c012c50453655

  • SHA512

    c7f116896e4f89a921f228fd1e6e4c11a6610252da2bd82397cab49547be510f62b2f9e9b37a7b376b9a057b9106d209ff5f9e60f819d94e553347b2c5e945c5

  • SSDEEP

    24576:GF4TQmX2E40pd89XCnfkA4Zop1UkBA9zpzlGhGLhj2V6Hng:gLmd40b8xQkA4Zop1UIUHng

Score
10/10
modiloaderdiscoverytrojan

Malware Config

Targets

    • Target

      d1d6990232187ba0696aa557174d9c2e_JaffaCakes118

    • Size

      1.0MB

    • MD5

      d1d6990232187ba0696aa557174d9c2e

    • SHA1

      0536eed7d9b7b6cdffda81cd0dd0c2a0d09dc633

    • SHA256

      2b783c808417ebde6624add0632bdb8bf2251ff45afe1b31992c012c50453655

    • SHA512

      c7f116896e4f89a921f228fd1e6e4c11a6610252da2bd82397cab49547be510f62b2f9e9b37a7b376b9a057b9106d209ff5f9e60f819d94e553347b2c5e945c5

    • SSDEEP

      24576:GF4TQmX2E40pd89XCnfkA4Zop1UkBA9zpzlGhGLhj2V6Hng:gLmd40b8xQkA4Zop1UIUHng

    Score
    10/10
    modiloaderdiscoverytrojan

    • ModiLoader, DBatLoader

      ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.

      trojanmodiloader

    • ModiLoader Second Stage

    • Drops file in Drivers directory

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks