General

  • Target

    e82089d7aaed18cfb194e002ad1a2877_JaffaCakes118

  • Size

    30KB

  • Sample

    240918-clfmjsxfml

  • MD5

    e82089d7aaed18cfb194e002ad1a2877

  • SHA1

    badebd19433e7ac3e25aab76a931444700334565

  • SHA256

    c7be6a021e8c60656ec1ce97e95270f5f30755973b6d66468d51e58ecd6db7d8

  • SHA512

    2b407cad6af7e815fa70be6601b3ada58a7e7e272b7546ff13b3bcc342eea1991c51fa4213c6e15557089983f18074783730aadb2b2389b41025b6f33811f307

  • SSDEEP

    768:06NFd1MyFqBHSr9tMLkGiIiuuOk0/br3HoU0:0YX15FkCciI7k0T750

Targets

    • ModiLoader, DBatLoader

      ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.

    • ModiLoader Second Stage

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
