Overview

overview

10

Static

static

3

da36cac19b...18.exe

windows7-x64

10

da36cac19b...18.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    da36cac19bc6154d19eff33dfa68d7f6_JaffaCakes118

  • Size

    1.8MB

  • Sample

    240911-m95axsxfkb

  • MD5

    da36cac19bc6154d19eff33dfa68d7f6

  • SHA1

    88087003e03b7b3a0805cc698a81044b40c99610

  • SHA256

    56a27d4fe9918b316ef49d625ab0b671376c50d5c5220cc76a3f5be08e970a0b

  • SHA512

    73f7666792fe4b1f0bc65ec1cd5e084fd3bb1515384907625fd94d3ff44f4098c65b51b19ab23ba07b472e87a8df73a29809a2f3f66d1f5321851f12f3ca3f12

  • SSDEEP

    24576:YverFiJoEIGw5/F8aar8JTOANhTa7TL0w4W+xZPdpADCUIzM+iRJqTVYd/pG8vGI:1o8F8IKITD3PA+KETw/ruCj

Score
10/10
modiloaderdiscoverytrojan

Malware Config

Targets

    • Target

      da36cac19bc6154d19eff33dfa68d7f6_JaffaCakes118

    • Size

      1.8MB

    • MD5

      da36cac19bc6154d19eff33dfa68d7f6

    • SHA1

      88087003e03b7b3a0805cc698a81044b40c99610

    • SHA256

      56a27d4fe9918b316ef49d625ab0b671376c50d5c5220cc76a3f5be08e970a0b

    • SHA512

      73f7666792fe4b1f0bc65ec1cd5e084fd3bb1515384907625fd94d3ff44f4098c65b51b19ab23ba07b472e87a8df73a29809a2f3f66d1f5321851f12f3ca3f12

    • SSDEEP

      24576:YverFiJoEIGw5/F8aar8JTOANhTa7TL0w4W+xZPdpADCUIzM+iRJqTVYd/pG8vGI:1o8F8IKITD3PA+KETw/ruCj

    Score
    10/10
    modiloaderdiscoverytrojan

    • ModiLoader, DBatLoader

      ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.

      trojanmodiloader

    • ModiLoader Second Stage

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks