Overview

overview

10

Static

static

10

e3660ace68...18.exe

windows7-x64

10

e3660ace68...18.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    e3660ace68bc814a14f023f2b014a1bc_JaffaCakes118

  • Size

    897KB

  • Sample

    240915-1d2f2sthkl

  • MD5

    e3660ace68bc814a14f023f2b014a1bc

  • SHA1

    6678bf8b2d7af71b1f4183d94b043757f924e4bb

  • SHA256

    22dc98f175eb8e091bd4b37b9b0c135323a207c12ff4bef142a673c5fea443e1

  • SHA512

    55fad0dd3bca89fea6ec2afbd6f173237e47e86fa3a6d38d7b1789bcf03ed4707c7232873ec6674ae591e06c0c54da4e008f08f410e5e1061506263093c3d3b3

  • SSDEEP

    24576:PiVQw7qqV5GvrzSfHYUTs0WCU8MeG58wwG:PeV2zSfH7U8E

Score
10/10
modiloaderdiscoveryexecutionpersistencetrojan

Malware Config

Targets

    • Target

      e3660ace68bc814a14f023f2b014a1bc_JaffaCakes118

    • Size

      897KB

    • MD5

      e3660ace68bc814a14f023f2b014a1bc

    • SHA1

      6678bf8b2d7af71b1f4183d94b043757f924e4bb

    • SHA256

      22dc98f175eb8e091bd4b37b9b0c135323a207c12ff4bef142a673c5fea443e1

    • SHA512

      55fad0dd3bca89fea6ec2afbd6f173237e47e86fa3a6d38d7b1789bcf03ed4707c7232873ec6674ae591e06c0c54da4e008f08f410e5e1061506263093c3d3b3

    • SSDEEP

      24576:PiVQw7qqV5GvrzSfHYUTs0WCU8MeG58wwG:PeV2zSfH7U8E

    Score
    10/10
    modiloaderdiscoveryexecutionpersistencetrojan

    • ModiLoader, DBatLoader

      ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.

      trojanmodiloader

    • ModiLoader Second Stage

    • Creates new service(s)

      persistenceexecution

    • Deletes itself

    • Network Share Discovery

      Attempt to gather information on host network.

      discovery

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks