Overview

overview

10

Static

static

3

960d7c8992...18.exe

windows7-x64

10

960d7c8992...18.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    960d7c89924330c4af58f402575c9ae2_JaffaCakes118

  • Size

    633KB

  • Sample

    241124-vkwaqazjew

  • MD5

    960d7c89924330c4af58f402575c9ae2

  • SHA1

    1cb8660294e2bfd3221d390b80fef753cb58c029

  • SHA256

    c5a720e0bb6e39024f78ec22363a84c59a1cc0de5e1d742c13f90d25c8fe1264

  • SHA512

    7da5f6207c693eae15a2400e845f9de82839021eda23795a00c2c2d6d6605cae7031f888ae42fa1d8b97d48761e4b6d85e226430c5b31301e5b86e4465a73de6

  • SSDEEP

    12288:pWaSt+fMSpPVoPdlhAFlXM5o2VMMqSS5U9+9EdNZghX1:pGLSpEdlyHGoPpzEHZul

Score
10/10
modiloaderdiscoverytrojan

Malware Config

Targets

    • Target

      960d7c89924330c4af58f402575c9ae2_JaffaCakes118

    • Size

      633KB

    • MD5

      960d7c89924330c4af58f402575c9ae2

    • SHA1

      1cb8660294e2bfd3221d390b80fef753cb58c029

    • SHA256

      c5a720e0bb6e39024f78ec22363a84c59a1cc0de5e1d742c13f90d25c8fe1264

    • SHA512

      7da5f6207c693eae15a2400e845f9de82839021eda23795a00c2c2d6d6605cae7031f888ae42fa1d8b97d48761e4b6d85e226430c5b31301e5b86e4465a73de6

    • SSDEEP

      12288:pWaSt+fMSpPVoPdlhAFlXM5o2VMMqSS5U9+9EdNZghX1:pGLSpEdlyHGoPpzEHZul

    Score
    10/10
    modiloaderdiscoverytrojan

    • ModiLoader, DBatLoader

      ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.

      trojanmodiloader

    • Modiloader family

      modiloader

    • ModiLoader Second Stage

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks