General

  • Target

    ec52a88ef30346c168c2c933b996c63b_JaffaCakes118

  • Size

    308KB

  • Sample

    240919-2k5ygsvcjg

  • MD5

    ec52a88ef30346c168c2c933b996c63b

  • SHA1

    c5238d5987c41c4420ee9dc8baf67ae29203e58a

  • SHA256

    b9900779a43961ddcbfbd22772d83e91b0dbb79904e93df622671f3b35c80bc3

  • SHA512

    98fdc05208025b81c91d76a86da031c76a43d6a0b4a52e1a4cf1d8e03da21e82b28339e2639522d6ed1c5a1bc832927fcb03c36c6904de8ef6186854503465c6

  • SSDEEP

    6144:F605Ug4F+2sespYsG14nCBKoJvJtsls4ZDsS4MbqFFUDjY0sQPp:n5Ugaw1GWC7B6lLhsS4zIDjSQ
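The hashes above are the indicators a practitioner actually uses: before trusting a sample pulled from a feed or a quarantine folder, recompute its digests locally and compare them against the published values. The script below is an added example, not part of the sandbox report; it embeds the MD5, SHA1, SHA256 and SHA512 values listed on this page and checks an arbitrary file (or byte string) against them. SSDEEP is deliberately left out because it needs a third-party module; the `digest_file` helper and the constructed empty-input check in the usage are assumptions for illustration.

```python
import hashlib

# Digests published for ec52a88ef30346c168c2c933b996c63b_JaffaCakes118 on this page.
SAMPLE_HASHES = {
    "md5": "ec52a88ef30346c168c2c933b996c63b",
    "sha1": "c5238d5987c41c4420ee9dc8baf67ae29203e58a",
    "sha256": "b9900779a43961ddcbfbd22772d83e91b0dbb79904e93df622671f3b35c80bc3",
    "sha512": (
        "98fdc05208025b81c91d76a86da031c76a43d6a0b4a52e1a4cf1d8e03da21e82"
        "b28339e2639522d6ed1c5a1bc832927fcb03c36c6904de8ef6186854503465c6"
    ),
}


def digest_bytes(data: bytes, algorithms=tuple(SAMPLE_HASHES)) -> dict:
    """Return {algorithm: hexdigest} for an in-memory blob."""
    return {name: hashlib.new(name, data).hexdigest() for name in algorithms}


def digest_file(path: str, algorithms=tuple(SAMPLE_HASHES), chunk_size: int = 1 << 20) -> dict:
    """Stream a file through every hash at once so large samples are read a single time.
    (Helper assumed for this example; any file path works.)"""
    hashers = {name: hashlib.new(name) for name in algorithms}
    with open(path, "rb") as fh:
        for block in iter(lambda: fh.read(chunk_size), b""):
            for h in hashers.values():
                h.update(block)
    return {name: h.hexdigest() for name, h in hashers.items()}


def match_hashes(computed: dict, expected: dict) -> dict:
    """Per-algorithm comparison, case-insensitive, limited to the algorithms in `expected`.
    Missing computed digests count as a mismatch rather than being skipped."""
    return {
        name: computed.get(name, "").lower() == value.lower()
        for name, value in expected.items()
    }


def is_sample(computed: dict, expected: dict = SAMPLE_HASHES) -> bool:
    """True only when every published digest agrees; a single mismatch means it is not this sample
    (or the published IOC is wrong), and that deserves a look rather than a silent pass."""
    results = match_hashes(computed, expected)
    return bool(results) and all(results.values())


if __name__ == "__main__":
    # Constructed input: an empty blob, which obviously is not the sample.
    empty = digest_bytes(b"")
    print("empty blob matches sample:", is_sample(empty))          # False
    print("per-algorithm:", match_hashes(empty, SAMPLE_HASHES))    # all False
    # Real use: is_sample(digest_file("/path/to/suspect.bin"))
```

Matching on all four digests at once is cheap and catches the common failure of an IOC list where one value was mistyped or belongs to a different upload: the per-algorithm dict tells you which one disagrees instead of a bare yes/no.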

Malware Config

Targets

    • Target

      ec52a88ef30346c168c2c933b996c63b_JaffaCakes118

    • ModiLoader, DBatLoader

      ModiLoader (also tracked as DBatLoader) is a Delphi-based loader that abuses legitimate cloud services to download and run other malware families.

    • ModiLoader Second Stage

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks