Overview

overview

10

Static

static

3

a3c8187f39...18.exe

windows7-x64

10

a3c8187f39...18.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    a3c8187f395644a06b5799f663b2e578_JaffaCakes118

  • Size

    591KB

  • Sample

    241126-ygrd5ssqgr

  • MD5

    a3c8187f395644a06b5799f663b2e578

  • SHA1

    d8a91684a028e2850d5bf93f60533a73bea7bd8d

  • SHA256

    19c11a89f8441372e42bc3e1687725808c1246069515efb403cf2e4de8b17470

  • SHA512

    0787d6dff711174242951a6e13bbd589d8237723d1c03b460234a65e327929e9b5295ac18e88ad1fe245f41b1a98001afc1f73aaab4bcbe81204b9d51ef4597b

  • SSDEEP

    12288:jZrhnSAfhz0YWEWC0EDPqF0fCPzENANp6VRIxRzqJAyRaj8b/ZLlEMSfGeNK:jZrhSA502WkPqaqPzXNYfIfzCA8q8tGI

Score
10/10
modiloaderdiscoverytrojan

Malware Config

Targets

    • Target

      a3c8187f395644a06b5799f663b2e578_JaffaCakes118

    • Size

      591KB

    • MD5

      a3c8187f395644a06b5799f663b2e578

    • SHA1

      d8a91684a028e2850d5bf93f60533a73bea7bd8d

    • SHA256

      19c11a89f8441372e42bc3e1687725808c1246069515efb403cf2e4de8b17470

    • SHA512

      0787d6dff711174242951a6e13bbd589d8237723d1c03b460234a65e327929e9b5295ac18e88ad1fe245f41b1a98001afc1f73aaab4bcbe81204b9d51ef4597b

    • SSDEEP

      12288:jZrhnSAfhz0YWEWC0EDPqF0fCPzENANp6VRIxRzqJAyRaj8b/ZLlEMSfGeNK:jZrhSA502WkPqaqPzXNYfIfzCA8q8tGI

    Score
    10/10
    modiloaderdiscoverytrojan

    • ModiLoader, DBatLoader

      ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.

      trojanmodiloader

    • Modiloader family

      modiloader

    • ModiLoader Second Stage

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks