Overview

overview

10

Static

static

10

ea1ebde635...18.exe

windows7-x64

10

ea1ebde635...18.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    ea1ebde63571235ab1c7e319dbb5b07f_JaffaCakes118

  • Size

    549KB

  • Sample

    240918-2thvbaxerq

  • MD5

    ea1ebde63571235ab1c7e319dbb5b07f

  • SHA1

    eb9a4c49107934a4a1518d120afbe889f6afff74

  • SHA256

    36eb6bb7fde9bb2379f97dee96dfa4747ac1dad34a3f766753f37a012510d98a

  • SHA512

    66f5cb6d12b801a356bb8cf23188dcc4c7a2eccdb916f957679867a3c5c0294c97dea5ebc0f7f58f4c0723055e5e85719db5066c2cb23a709bb44fc38573019c

  • SSDEEP

    12288:fy/cQq6A+y1vbS+Vnjz936iOnQMkcB86UpBfYBug:a/coA11vbS+VjZd2QMklJpBfYQg

Score
10/10
modiloaderdefense_evasiondiscoverytrojan

Malware Config

Targets

    • Target

      ea1ebde63571235ab1c7e319dbb5b07f_JaffaCakes118

    • Size

      549KB

    • MD5

      ea1ebde63571235ab1c7e319dbb5b07f

    • SHA1

      eb9a4c49107934a4a1518d120afbe889f6afff74

    • SHA256

      36eb6bb7fde9bb2379f97dee96dfa4747ac1dad34a3f766753f37a012510d98a

    • SHA512

      66f5cb6d12b801a356bb8cf23188dcc4c7a2eccdb916f957679867a3c5c0294c97dea5ebc0f7f58f4c0723055e5e85719db5066c2cb23a709bb44fc38573019c

    • SSDEEP

      12288:fy/cQq6A+y1vbS+Vnjz936iOnQMkcB86UpBfYBug:a/coA11vbS+VjZd2QMklJpBfYQg

    Score
    10/10
    modiloaderdefense_evasiondiscoverytrojan

    • ModiLoader, DBatLoader

      ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.

      trojanmodiloader

    • ModiLoader Second Stage

    • Deletes itself

    • Indicator Removal: File Deletion

      Adversaries may delete files left behind by the actions of their intrusion activity.

      defense_evasion
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks