Overview

overview

10

Static

static

3

f0b51b01a8...18.exe

windows7-x64

10

f0b51b01a8...18.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    f0b51b01a8bb25cfc0be4cc53adff0d4_JaffaCakes118

  • Size

    389KB

  • Sample

    240921-12rlrawhkc

  • MD5

    f0b51b01a8bb25cfc0be4cc53adff0d4

  • SHA1

    8a37ff06e4f1daf98ef706ddd69907c292778bb9

  • SHA256

    642a7c7e0ab17ea171af6cea6818c5206f068ca30407af786c05ffddaa1df664

  • SHA512

    f32b25708cd633a670fb333b7ce60fc08580641e8ba6d6065edca8dd773801e30b57d9be497e64d58a93b560a01c6b52611fd4cc3f4106f0499fe29d9962418b

  • SSDEEP

    12288:PKn08OYFPmp9WmtCv3bsz3DSiBBa1k6Z:PK081Vesmov3gz3DSSBMZ

Score
10/10
modiloaderdiscoverytrojan

Malware Config

Targets

    • Target

      f0b51b01a8bb25cfc0be4cc53adff0d4_JaffaCakes118

    • Size

      389KB

    • MD5

      f0b51b01a8bb25cfc0be4cc53adff0d4

    • SHA1

      8a37ff06e4f1daf98ef706ddd69907c292778bb9

    • SHA256

      642a7c7e0ab17ea171af6cea6818c5206f068ca30407af786c05ffddaa1df664

    • SHA512

      f32b25708cd633a670fb333b7ce60fc08580641e8ba6d6065edca8dd773801e30b57d9be497e64d58a93b560a01c6b52611fd4cc3f4106f0499fe29d9962418b

    • SSDEEP

      12288:PKn08OYFPmp9WmtCv3bsz3DSiBBa1k6Z:PK081Vesmov3gz3DSSBMZ

    Score
    10/10
    modiloaderdiscoverytrojan

    • ModiLoader, DBatLoader

      ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.

      trojanmodiloader

    • ModiLoader Second Stage

    • Deletes itself

    • Executes dropped EXE

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks