Overview

overview

10

Static

static

3

fcd499958c...18.exe

windows7-x64

10

fcd499958c...18.exe

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    fcd499958c9756292557c4f2615cd00f_JaffaCakes118

  • Size

    410KB

  • Sample

    240928-welprs1dkg

  • MD5

    fcd499958c9756292557c4f2615cd00f

  • SHA1

    f6dd465436f8c79e00859cb9ea823f8c0b3c383a

  • SHA256

    319fe18b8e3a47a424d53b06348089b377f63995c74a2da697f3d412217baeda

  • SHA512

    3e62b23b9b2c0c9e828cba8e9a1674d35cd5953427e7f46523b0bf09c697ad31f8b12a492d03153af9b3d49a9048c64810646f8dd0e3c730822565b2dc6ff769

  • SSDEEP

    12288:PR3F7VU1rQP81d0VM7gq1bHSD/TMxC9qhb:JRu1rQP81qegqCog9qF

Score
10/10
modiloaderdiscoverytrojan

Malware Config

Targets

    • Target

      fcd499958c9756292557c4f2615cd00f_JaffaCakes118

    • Size

      410KB

    • MD5

      fcd499958c9756292557c4f2615cd00f

    • SHA1

      f6dd465436f8c79e00859cb9ea823f8c0b3c383a

    • SHA256

      319fe18b8e3a47a424d53b06348089b377f63995c74a2da697f3d412217baeda

    • SHA512

      3e62b23b9b2c0c9e828cba8e9a1674d35cd5953427e7f46523b0bf09c697ad31f8b12a492d03153af9b3d49a9048c64810646f8dd0e3c730822565b2dc6ff769

    • SSDEEP

      12288:PR3F7VU1rQP81d0VM7gq1bHSD/TMxC9qhb:JRu1rQP81qegqCog9qF

    Score
    10/10
    modiloaderdiscoverytrojan

    • ModiLoader, DBatLoader

      ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.

      trojanmodiloader

    • ModiLoader Second Stage

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks