Overview

overview

10

Static

static

10

9e6903ea7b...18.exe

windows7-x64

10

9e6903ea7b...18.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    9e6903ea7bcb457da3c05a3721f2eb51_JaffaCakes118

  • Size

    391KB

  • Sample

    241125-2zg5zaxpgk

  • MD5

    9e6903ea7bcb457da3c05a3721f2eb51

  • SHA1

    25f9b4ec7a45bf95455e79183427a625d099c113

  • SHA256

    db8f2e5f4bff8972bd19dbd4c2fa2814f798842dd667f884b4c2871bf9198523

  • SHA512

    d31b39b7e1f82dd6cafe66d7c428be442f329a51abe1b0c4cf1060f8dbd74c9b6b7640c41a147177e1f702928a18a803b6c7650d779eea641ad4a946b04abe5a

  • SSDEEP

    6144:vo1U6zFbkOEKVWRucXQ3iJ4i/PjBPDClVPoaXQQl/IOy+pLkAijTBKJ80d7i:vmCKVmux3MDhDC2QijT08a7

Score
10/10
modiloaderdefense_evasiondiscoverytrojan

Malware Config

Targets

    • Target

      9e6903ea7bcb457da3c05a3721f2eb51_JaffaCakes118

    • Size

      391KB

    • MD5

      9e6903ea7bcb457da3c05a3721f2eb51

    • SHA1

      25f9b4ec7a45bf95455e79183427a625d099c113

    • SHA256

      db8f2e5f4bff8972bd19dbd4c2fa2814f798842dd667f884b4c2871bf9198523

    • SHA512

      d31b39b7e1f82dd6cafe66d7c428be442f329a51abe1b0c4cf1060f8dbd74c9b6b7640c41a147177e1f702928a18a803b6c7650d779eea641ad4a946b04abe5a

    • SSDEEP

      6144:vo1U6zFbkOEKVWRucXQ3iJ4i/PjBPDClVPoaXQQl/IOy+pLkAijTBKJ80d7i:vmCKVmux3MDhDC2QijT08a7

    Score
    10/10
    modiloaderdefense_evasiondiscoverytrojan

    • ModiLoader, DBatLoader

      ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.

      trojanmodiloader

    • Modiloader family

      modiloader

    • ModiLoader Second Stage

    • Deletes itself

    • Executes dropped EXE

    • Indicator Removal: File Deletion

      Adversaries may delete files left behind by the actions of their intrusion activity.

      defense_evasion
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks