Overview

overview

10

Static

static

3

fedd2c5184...18.exe

windows7-x64

10

fedd2c5184...18.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    fedd2c5184b8d7adebd7f085592f0a9f_JaffaCakes118

  • Size

    284KB

  • Sample

    240929-tev74azhmq

  • MD5

    fedd2c5184b8d7adebd7f085592f0a9f

  • SHA1

    ad560d6e7cfd5e9925e95ea046ece4ea868e4d55

  • SHA256

    0954424e1ee9fa6c1434e7894663e5b6b6528a7bb84bd634278122ddda3994ac

  • SHA512

    afb3accdbc28cc1f03c483302403629193df37486243f34f72314c3ac62138dc7ec949060838bc2b4b7527c63c3b32ef350cc08079e1553b3499cee8c877dc92

  • SSDEEP

    6144:WhKz89RI+BTs4vV7hFj9YyrnF+TlUmZ4NA5U+V:WhKzkqwBV7Dj9fUJzZr

Score
10/10
modiloaderdiscoverytrojan

Malware Config

Targets

    • Target

      fedd2c5184b8d7adebd7f085592f0a9f_JaffaCakes118

    • Size

      284KB

    • MD5

      fedd2c5184b8d7adebd7f085592f0a9f

    • SHA1

      ad560d6e7cfd5e9925e95ea046ece4ea868e4d55

    • SHA256

      0954424e1ee9fa6c1434e7894663e5b6b6528a7bb84bd634278122ddda3994ac

    • SHA512

      afb3accdbc28cc1f03c483302403629193df37486243f34f72314c3ac62138dc7ec949060838bc2b4b7527c63c3b32ef350cc08079e1553b3499cee8c877dc92

    • SSDEEP

      6144:WhKz89RI+BTs4vV7hFj9YyrnF+TlUmZ4NA5U+V:WhKzkqwBV7Dj9fUJzZr

    Score
    10/10
    modiloaderdiscoverytrojan

    • ModiLoader, DBatLoader

      ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.

      trojanmodiloader

    • ModiLoader Second Stage

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks