General

  • Target

    abe8cdfe86c941fb52c627d92928d9f8_JaffaCakes118

  • Size

    474KB

  • Sample

    241128-lxeztszlbm

  • MD5

    abe8cdfe86c941fb52c627d92928d9f8

  • SHA1

    230dafbb66b7c86d452fd1c6e71d800843e247c6

  • SHA256

    abe04ade91cc059bb27b94d29d0a15ac3e861870645ed04672a91cf798de29a0

  • SHA512

    047cc9567f8cebd24cc262e8f6d1adc6933dc5e01776d1aac0ac7245f6fbfb82e274cb4643127db168f44fff06bb8676d372754ea3afbe349f1b41798e07b3c4

  • SSDEEP

    12288:ZNuQWU+sBSn+U0ZRzNR9YeT6ocx1vS+uSEF5wFqpGKAqqi0:6nsPpDzWeT6lpSJJfw5Vni0

Targets

    • Target

      minicommand/Client13a.exe

    • Size

      345KB

    • MD5

      e7cc9ae95d7cc2b90f99d53352688db3

    • SHA1

      9d3874f2324973413ccb2fb121aa25ce0e564048

    • SHA256

      ffc248b991731325d33312423240256cf97d6ee0741ab8ac0f42875dfc4355fb

    • SHA512

      4ea3778ee536052fb9dbb673a0591f975b8294bee107475d4c73a203d9af68f2cc1c01b12ba97f83c3148aadf246fb7956038371f2aff86d5b40080fe66ee589

    • SSDEEP

      6144:CsxldV2zRmZh79woGyBuwkvpF7xzpfnBmnQeSoen/ABo9ass6OpRILOGUTU09:CsDGmZR9woCwkvdpfnBmn0assDILOGw/

    • ModiLoader, DBatLoader

      ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.

    • Modiloader family

    • ModiLoader First Stage

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Target

      minicommand/EditServer.Exe

    • Size

      147KB

    • MD5

      0fd289f23db95cb1027e1256d2df5c95

    • SHA1

      a4b38d47f18eaaaa4ecde433be0537240038453b

    • SHA256

      eb532e782daae26f96e25fb0808946f89259955c65a43ac73d812249f1f9a56e

    • SHA512

      7b52db9340f409b6b79b6cda19770ededc45d9be2291540490adf5ca129b91a9e7ff125f3237013d524adc5711a9f534dd37126d905dcc4b02af99649bbc192a

    • SSDEEP

      3072:VE3ZfNqOMnq31mnyk/VLbBky3pnmqck1nYaMH64T:uBNqOMq3gX/VpF3pmqhVMHT

    • Score

      5/10

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Target

      minicommand/srv13a.exe

    • Size

      8KB

    • MD5

      a8c73f06bbd9458c2d5e62d855b3a961

    • SHA1

      5076eca8616b9b4d2ea0fef3b421c475ee655da0

    • SHA256

      bb53fa904bef1ab926266fc8136bc0a0dd0380073f0da6b8dc6720e49d62e979

    • SHA512

      b830bbddffd2b8984d1074c7d3c8a743af845743bf6e00c5ffc872bc634d387728ae5b16808f8032306fcb18735997ca7124ac44f0fc7451632198c10a9cb840

    • SSDEEP

      48:OEPS3vj+MpKuuHvubM5aXG/SqltbWjMDDDu2CXXJFxgkzBSdPWRHbvH:nPCppKuKoXG/L6B2MXJFHEJWR7

    • Score

      3/10
