Overview

overview

10

Static

static

3

910dfd05b4...18.exe

windows7-x64

10

910dfd05b4...18.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    910dfd05b43191f376040a0325b79795_JaffaCakes118

  • Size

    872KB

  • Sample

    241123-2kscdszpdy

  • MD5

    910dfd05b43191f376040a0325b79795

  • SHA1

    2cd9d7a05387efd1f28f6f307c5aee1d5661a977

  • SHA256

    c2bdb2b1f9a76c1087ac84d303441793e17b4f5e5a59cd4a2269bfe96e5515fa

  • SHA512

    82a7934ac51ea1e26bd60644b8ae93e07d60df133f3e72dd85c9773a9eb0b44071a0093e76492fed10842b14f2bf2cbe85766f0f155f8be6353aeec7ee3f181d

  • SSDEEP

    24576:k1dlZo5r5SM6Wp7Utyd2ViBiMP4bXvwbtPbWw7Pv:k1dlZor5SMOtVS74zvkaw7n

Score
10/10
modiloaderdiscoverytrojan

Malware Config

Targets

    • Target

      910dfd05b43191f376040a0325b79795_JaffaCakes118

    • Size

      872KB

    • MD5

      910dfd05b43191f376040a0325b79795

    • SHA1

      2cd9d7a05387efd1f28f6f307c5aee1d5661a977

    • SHA256

      c2bdb2b1f9a76c1087ac84d303441793e17b4f5e5a59cd4a2269bfe96e5515fa

    • SHA512

      82a7934ac51ea1e26bd60644b8ae93e07d60df133f3e72dd85c9773a9eb0b44071a0093e76492fed10842b14f2bf2cbe85766f0f155f8be6353aeec7ee3f181d

    • SSDEEP

      24576:k1dlZo5r5SM6Wp7Utyd2ViBiMP4bXvwbtPbWw7Pv:k1dlZor5SMOtVS74zvkaw7n

    Score
    10/10
    modiloaderdiscoverytrojan

    • ModiLoader, DBatLoader

      ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.

      trojanmodiloader

    • Modiloader family

      modiloader

    • ModiLoader Second Stage

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks