Overview

overview

10

Static

static

3

dce8659ac1...18.exe

windows7-x64

10

dce8659ac1...18.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    dce8659ac1cd64abee470e5e04c565e8_JaffaCakes118

  • Size

    667KB

  • Sample

    240912-x7z9aszgmp

  • MD5

    dce8659ac1cd64abee470e5e04c565e8

  • SHA1

    8df7a6068f8acf3fc1eae6bbc9508ba9b34d4443

  • SHA256

    2df10e0e1d2532326c6de2c6947df7beaad8449f771eeec07db0a85772a1911e

  • SHA512

    ec0a962e162acc9f76c06fb76fa892b917f08f36ae4146663a743b64e076c0c10a871c8b6c39658f829ae69c51e250cbf990710d7fc18761a4a711d1a6e8cdd2

  • SSDEEP

    12288:1I0fmv8FFnYqK1GzDtf54jKEh7PunJDqF3Z4mxxFoEtlK+kt9T2Mm2T:7O0H4Gd5wKEhruJWQmXWGY

Score
10/10
modiloaderdiscoverypersistencetrojan

Malware Config

Targets

    • Target

      dce8659ac1cd64abee470e5e04c565e8_JaffaCakes118

    • Size

      667KB

    • MD5

      dce8659ac1cd64abee470e5e04c565e8

    • SHA1

      8df7a6068f8acf3fc1eae6bbc9508ba9b34d4443

    • SHA256

      2df10e0e1d2532326c6de2c6947df7beaad8449f771eeec07db0a85772a1911e

    • SHA512

      ec0a962e162acc9f76c06fb76fa892b917f08f36ae4146663a743b64e076c0c10a871c8b6c39658f829ae69c51e250cbf990710d7fc18761a4a711d1a6e8cdd2

    • SSDEEP

      12288:1I0fmv8FFnYqK1GzDtf54jKEh7PunJDqF3Z4mxxFoEtlK+kt9T2Mm2T:7O0H4Gd5wKEhruJWQmXWGY

    Score
    10/10
    modiloaderdiscoverypersistencetrojan

    • ModiLoader, DBatLoader

      ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.

      trojanmodiloader

    • ModiLoader Second Stage

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks