Overview

overview

10

Static

static

3

e6417d8fa7...18.exe

windows7-x64

10

e6417d8fa7...18.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    e6417d8fa704d4e6a606fdda413db481_JaffaCakes118

  • Size

    280KB

  • Sample

    240917-hje6wszcqm

  • MD5

    e6417d8fa704d4e6a606fdda413db481

  • SHA1

    c1595c468563ab33001c70d87c4703c5fdf6b4dc

  • SHA256

    f12b5aabbb28b4b9ebffd434d490070dcb84018ba0c09b27c5b3f9453d73655d

  • SHA512

    db10949ac3bc63e2c457c3df097238d3f0801d1d7c77f871de5503409d45bffaed5277b7e3bc20ce51e45126e91882dd9ec0b119717a7fa4bdab872802216be4

  • SSDEEP

    6144:xs0AA+O4T6WqOjk0B6n21hpGATJ62NYg2Xxc8XPz4raxdvr+CtIO4fK:BBB4Dzkfn21hYATk2v2fX74raxdvHtIX

Score
10/10
modiloaderdiscoverytrojan

Malware Config

Targets

    • Target

      e6417d8fa704d4e6a606fdda413db481_JaffaCakes118

    • Size

      280KB

    • MD5

      e6417d8fa704d4e6a606fdda413db481

    • SHA1

      c1595c468563ab33001c70d87c4703c5fdf6b4dc

    • SHA256

      f12b5aabbb28b4b9ebffd434d490070dcb84018ba0c09b27c5b3f9453d73655d

    • SHA512

      db10949ac3bc63e2c457c3df097238d3f0801d1d7c77f871de5503409d45bffaed5277b7e3bc20ce51e45126e91882dd9ec0b119717a7fa4bdab872802216be4

    • SSDEEP

      6144:xs0AA+O4T6WqOjk0B6n21hpGATJ62NYg2Xxc8XPz4raxdvr+CtIO4fK:BBB4Dzkfn21hYATk2v2fX74raxdvHtIX

    Score
    10/10
    modiloaderdiscoverytrojan

    • ModiLoader, DBatLoader

      ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.

      trojanmodiloader

    • ModiLoader Second Stage

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks