Overview

overview

10

Static

static

10

9fd68a5d4b...18.exe

windows7-x64

10

9fd68a5d4b...18.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    9fd68a5d4bce79dee4797a713ecfc388_JaffaCakes118

  • Size

    319KB

  • Sample

    241126-e57aqavkfv

  • MD5

    9fd68a5d4bce79dee4797a713ecfc388

  • SHA1

    d83a2391d30ba8d9d297c91f9eae75c0ddc5f989

  • SHA256

    623e2eb21ff884bc0d32f49368924eae272a4855f52cfc67c37f2c8fd845c544

  • SHA512

    70e19cbf73f63efd375e8ae52918ef9e32eaba61822262252ec2c6bde4c3905129a2be99923b57b9f99719ea0e6f0e8cbb273f8950f91ea0f5c64a11b87ae50b

  • SSDEEP

    3072:lo1kmwjN2fSGF+YPpYX86NPSwX6TVO3WI1aBM5TJCDFkAYAPc+4lgkuVkToQ+qvJ:a1OQ+YyHPleIx4DOtGctoQQ+JJkmVZz

Score
10/10
modiloaderdiscoveryspywarestealertrojan

Malware Config

Targets

    • Target

      9fd68a5d4bce79dee4797a713ecfc388_JaffaCakes118

    • Size

      319KB

    • MD5

      9fd68a5d4bce79dee4797a713ecfc388

    • SHA1

      d83a2391d30ba8d9d297c91f9eae75c0ddc5f989

    • SHA256

      623e2eb21ff884bc0d32f49368924eae272a4855f52cfc67c37f2c8fd845c544

    • SHA512

      70e19cbf73f63efd375e8ae52918ef9e32eaba61822262252ec2c6bde4c3905129a2be99923b57b9f99719ea0e6f0e8cbb273f8950f91ea0f5c64a11b87ae50b

    • SSDEEP

      3072:lo1kmwjN2fSGF+YPpYX86NPSwX6TVO3WI1aBM5TJCDFkAYAPc+4lgkuVkToQ+qvJ:a1OQ+YyHPleIx4DOtGctoQQ+JJkmVZz

    Score
    10/10
    modiloaderdiscoveryspywarestealertrojan

    • ModiLoader, DBatLoader

      ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.

      trojanmodiloader

    • Modiloader family

      modiloader

    • ModiLoader Second Stage

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks