Overview

overview

10

Static

static

3

f8cead5bfe...18.exe

windows7-x64

10

f8cead5bfe...18.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    f8cead5bfe4919d6d2dd82016a7a05f1_JaffaCakes118

  • Size

    402KB

  • Sample

    240926-vcvzzs1cjd

  • MD5

    f8cead5bfe4919d6d2dd82016a7a05f1

  • SHA1

    0b0ab8d4b64a9c403c6408592de8f1d441fd5583

  • SHA256

    8d876cb4130fb8af097af24b129fb59f6ec7af83d87bc8fe5896953a2591e377

  • SHA512

    5bf05c774315833843d25b2bea2d173adb333c7dc1937d8e3fd5e1819b60f61082784c959f4cb07853d37f8098619a3fd0e19b44f727a05e383ad05f0e4c91f7

  • SSDEEP

    12288:rylDVdcMafXEezSoT3s6LvUBP8UgjUwC3:+l5dDxe9HLMBP8njUX

Score
10/10
modiloaderdiscoverytrojan

Malware Config

Targets

    • Target

      f8cead5bfe4919d6d2dd82016a7a05f1_JaffaCakes118

    • Size

      402KB

    • MD5

      f8cead5bfe4919d6d2dd82016a7a05f1

    • SHA1

      0b0ab8d4b64a9c403c6408592de8f1d441fd5583

    • SHA256

      8d876cb4130fb8af097af24b129fb59f6ec7af83d87bc8fe5896953a2591e377

    • SHA512

      5bf05c774315833843d25b2bea2d173adb333c7dc1937d8e3fd5e1819b60f61082784c959f4cb07853d37f8098619a3fd0e19b44f727a05e383ad05f0e4c91f7

    • SSDEEP

      12288:rylDVdcMafXEezSoT3s6LvUBP8UgjUwC3:+l5dDxe9HLMBP8njUX

    Score
    10/10
    modiloaderdiscoverytrojan

    • ModiLoader, DBatLoader

      ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.

      trojanmodiloader

    • ModiLoader Second Stage

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks