General

  • Target

    f7a097ec7811f82c11296085e9cd539d_JaffaCakes118

  • Size

    1.9MB

  • Sample

    240926-fqw2waygrr

  • MD5

    f7a097ec7811f82c11296085e9cd539d

  • SHA1

    b40d0447a9d5ba906d56551b78311f2c39ec9838

  • SHA256

    22b66c1abab1e0f7a30db72426404815300c715bc1bc49f3d0b1edb4b4cb3e27

  • SHA512

    a9373f0239b42b061b8784018893824531ca44cb8f1098c1b7043253ad659fc2acade29066edbcc2a2181e2db1e1f209d958139fb1b0dacf60fd1afedd93f83a

  • SSDEEP

    49152:aSwf/YI9og/xeRK9jj18c8GuwhkRIjx1apgubKe3:aS0Q2o+xkK5j1lSwhkix1DQR

Malware Config

Targets

    • ModiLoader, DBatLoader

      ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.

    • ModiLoader Second Stage

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks
