modiloader | c11116e78cadddaecd08ea228afc2a2e17b0feeeff093a4443f8b914acb9913c | Triage

Sharing

General

Target

ec12f24b941ebac9b1b20fa54316c94c_JaffaCakes118
Size

385KB
Sample

240919-yj9cqsxfpp
MD5

ec12f24b941ebac9b1b20fa54316c94c
SHA1

234deb459ee1b11c8ce15f69aeaabe81a69455cd
SHA256

c11116e78cadddaecd08ea228afc2a2e17b0feeeff093a4443f8b914acb9913c
SHA512

817a908738474cff89d1f8f63dbb50097cfb3fa566712cabf80345a429969105dc8aeffd65854aef4e1abac4d3ce57a1a29832d740a2d6736e9b82169182a513
SSDEEP

6144:uByddyG377xS2Vp2CeiorXdwTBgWx4v53CpcCJJvH8ddg:Dr7xS2Vp6RwTyCzbJJvH/

Score

10^/10

modiloader

Malware Config

Targets

- Target
  
  ec12f24b941ebac9b1b20fa54316c94c_JaffaCakes118
- Size
  
  385KB
- MD5
  
  ec12f24b941ebac9b1b20fa54316c94c
- SHA1
  
  234deb459ee1b11c8ce15f69aeaabe81a69455cd
- SHA256
  
  c11116e78cadddaecd08ea228afc2a2e17b0feeeff093a4443f8b914acb9913c
- SHA512
  
  817a908738474cff89d1f8f63dbb50097cfb3fa566712cabf80345a429969105dc8aeffd65854aef4e1abac4d3ce57a1a29832d740a2d6736e9b82169182a513
- SSDEEP
  
  6144:uByddyG377xS2Vp2CeiorXdwTBgWx4v53CpcCJJvH8ddg:Dr7xS2Vp6RwTyCzbJJvH/
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2