General

  • Target

    f051ef7670d60fe0b472f5c505c42ff9_JaffaCakes118

  • Size

    317KB

  • Sample

    240921-wa8nqsvfrj

  • MD5

    f051ef7670d60fe0b472f5c505c42ff9

  • SHA1

    9e789c40094cbbcb491062ad3cfbb03d356d0ccb

  • SHA256

    eb20b605b84513cdb618538beb1f2f572ec7e01e63d6ee4966fdc486b8b82d81

  • SHA512

    9cfc02de337af30c8fa75333eef3682336f076e6d49312f98bfe2957a0ea9e25d20c8ab54047b9cb878e98b19715a298a0e9db73fbf1eb945a4d204ecab6b063

  • SSDEEP

    6144:3G377xS2Vp2CeiorXhwTBF53lGzOjpcCJJvHCKpoS:2r7xS2Vp6FwTPZjbJJvHdpoS

Targets

    • ModiLoader, DBatLoader

      ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.

    • UAC bypass

    • ModiLoader Second Stage

    • Checks computer location settings

      Looks up the country code configured in the registry, likely used for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified variant of it.

    • Adds Run key to start application

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v15
