Overview

overview

10

Static

static

3

9f1682002d...18.exe

windows7-x64

10

9f1682002d...18.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    9f1682002d7bae733685436fb9fea13c_JaffaCakes118

  • Size

    649KB

  • Sample

    241126-b2hamstpbn

  • MD5

    9f1682002d7bae733685436fb9fea13c

  • SHA1

    b12616d750102bf212e2c113169f791f6d929340

  • SHA256

    8979a0252075f4215fdfe808d3932fa241a8dafdbb38bb42d64ace59113654e8

  • SHA512

    99e73744b5e9c6f5e8802f9a2cc5dc472cbf6beb5b15dba821015206c705d7e45b0c77d8ba3b6240fe490a75899b68d1790f64827491813e4c8d560ac64394c5

  • SSDEEP

    12288:JZj7e1Dmjhb9d278FKazlo58b1yh1OQlLUA0qcMAoPwneGOskch3OIT:C1Dmjf0mKkoy1+095qcDLkskS3OIT

Score
10/10
modiloaderdiscoverypersistencetrojan

Malware Config

Targets

    • Target

      9f1682002d7bae733685436fb9fea13c_JaffaCakes118

    • Size

      649KB

    • MD5

      9f1682002d7bae733685436fb9fea13c

    • SHA1

      b12616d750102bf212e2c113169f791f6d929340

    • SHA256

      8979a0252075f4215fdfe808d3932fa241a8dafdbb38bb42d64ace59113654e8

    • SHA512

      99e73744b5e9c6f5e8802f9a2cc5dc472cbf6beb5b15dba821015206c705d7e45b0c77d8ba3b6240fe490a75899b68d1790f64827491813e4c8d560ac64394c5

    • SSDEEP

      12288:JZj7e1Dmjhb9d278FKazlo58b1yh1OQlLUA0qcMAoPwneGOskch3OIT:C1Dmjf0mKkoy1+095qcDLkskS3OIT

    Score
    10/10
    modiloaderdiscoverypersistencetrojan

    • ModiLoader, DBatLoader

      ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.

      trojanmodiloader

    • Modifies WinLogon for persistence

      persistence

    • Modiloader family

      modiloader

    • ModiLoader Second Stage

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks