Overview

overview

10

Static

static

3

026841cdf2...18.exe

windows7-x64

10

026841cdf2...18.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    026841cdf2743ebf03fd8b58633475e9_JaffaCakes118

  • Size

    1.0MB

  • Sample

    240930-vpfqtszgjh

  • MD5

    026841cdf2743ebf03fd8b58633475e9

  • SHA1

    d1d0070ab8096d7fdff0b7d472790768bcfa3fb6

  • SHA256

    f8d12a2d11c883c8907f5921b5a9b8c76caf5cf43c129e0bbf2ed3f54f3a4074

  • SHA512

    affd26d2167627d3958ff9a7ce11dee258b88f43dddf56beab726a1f8b324b15cffa1f89eada460ae29f03242187eab3d205e963642f3193a4bd5e13ef08607e

  • SSDEEP

    12288:QJRf/kk5yUBV8cIjWmEZHSNjqhSjb/xKJuUeBeXeJay/ltKSaYdL7OQJ6YU:QJZPDV8OZYn/xKJu2eJaS3d5J6YU

Score
10/10
modiloaderdiscoverypersistencetrojan

Malware Config

Targets

    • Target

      026841cdf2743ebf03fd8b58633475e9_JaffaCakes118

    • Size

      1.0MB

    • MD5

      026841cdf2743ebf03fd8b58633475e9

    • SHA1

      d1d0070ab8096d7fdff0b7d472790768bcfa3fb6

    • SHA256

      f8d12a2d11c883c8907f5921b5a9b8c76caf5cf43c129e0bbf2ed3f54f3a4074

    • SHA512

      affd26d2167627d3958ff9a7ce11dee258b88f43dddf56beab726a1f8b324b15cffa1f89eada460ae29f03242187eab3d205e963642f3193a4bd5e13ef08607e

    • SSDEEP

      12288:QJRf/kk5yUBV8cIjWmEZHSNjqhSjb/xKJuUeBeXeJay/ltKSaYdL7OQJ6YU:QJZPDV8OZYn/xKJu2eJaS3d5J6YU

    Score
    10/10
    modiloaderdiscoverypersistencetrojan

    • ModiLoader, DBatLoader

      ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.

      trojanmodiloader

    • ModiLoader Second Stage

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks