Overview

overview

10

Static

static

3

f541ea83dd...18.exe

windows7-x64

10

f541ea83dd...18.exe

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    f541ea83ddd78bf55655796bf51aedbb_JaffaCakes118

  • Size

    2.1MB

  • Sample

    240925-ftpf7szdmb

  • MD5

    f541ea83ddd78bf55655796bf51aedbb

  • SHA1

    75214082e1b79d0c96f7b2a361ce71a81c8f8c32

  • SHA256

    4e46048809ac5b60208ea911feb241556e9beb30f002e3fc23eaf90c9c924060

  • SHA512

    20ad74228a9e316d79d02757b4bcf1d6c31c1b320343b4ebeb0ce453b9e96a6831f98f7657db94c2db9ba7db81eb983c07cefa3c0af595f370cc8456f1c05630

  • SSDEEP

    49152:/vmXF17hajw1M5pPo/t0QC0NL8TqYcYJlsL5xClmXQhI4/540:/eok1SoCQ3NL8TqYc+li5xCllzB40

Score
10/10
modiloaderdiscoverytrojan

Malware Config

Targets

    • Target

      f541ea83ddd78bf55655796bf51aedbb_JaffaCakes118

    • Size

      2.1MB

    • MD5

      f541ea83ddd78bf55655796bf51aedbb

    • SHA1

      75214082e1b79d0c96f7b2a361ce71a81c8f8c32

    • SHA256

      4e46048809ac5b60208ea911feb241556e9beb30f002e3fc23eaf90c9c924060

    • SHA512

      20ad74228a9e316d79d02757b4bcf1d6c31c1b320343b4ebeb0ce453b9e96a6831f98f7657db94c2db9ba7db81eb983c07cefa3c0af595f370cc8456f1c05630

    • SSDEEP

      49152:/vmXF17hajw1M5pPo/t0QC0NL8TqYcYJlsL5xClmXQhI4/540:/eok1SoCQ3NL8TqYc+li5xCllzB40

    Score
    10/10
    modiloaderdiscoverytrojan

    • ModiLoader, DBatLoader

      ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.

      trojanmodiloader

    • ModiLoader Second Stage

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks