Overview

overview

10

Static

static

10

aed102da6d...18.exe

windows7-x64

10

aed102da6d...18.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    aed102da6d198bdcc72dc12c73c5e77a_JaffaCakes118

  • Size

    21KB

  • Sample

    241129-erxt5azqcm

  • MD5

    aed102da6d198bdcc72dc12c73c5e77a

  • SHA1

    8c778e12d2becb88f803e7e8799e967f5e32fe54

  • SHA256

    deb20810e8e3bd5d5b5a8ac06bf805ba48498b78d12c1119cfdb16ee185d1901

  • SHA512

    19ec2ab084e541d2a0feebffc6252d8324dd9ebf2aab08554a3e973a7d94d7b9023b931fbd902f0acaf8c1f0ee6e3e1360d772f3acaf8d64c7000c5c4d316abb

  • SSDEEP

    384:+JEunqcFxpLszA1JUrPSNLg13uD8V9tABaSS7lU:7unqAxpLszA1+SRgY8V71SSe

Score
10/10
modiloaderdiscoverypersistencetrojan

Malware Config

Targets

    • Target

      aed102da6d198bdcc72dc12c73c5e77a_JaffaCakes118

    • Size

      21KB

    • MD5

      aed102da6d198bdcc72dc12c73c5e77a

    • SHA1

      8c778e12d2becb88f803e7e8799e967f5e32fe54

    • SHA256

      deb20810e8e3bd5d5b5a8ac06bf805ba48498b78d12c1119cfdb16ee185d1901

    • SHA512

      19ec2ab084e541d2a0feebffc6252d8324dd9ebf2aab08554a3e973a7d94d7b9023b931fbd902f0acaf8c1f0ee6e3e1360d772f3acaf8d64c7000c5c4d316abb

    • SSDEEP

      384:+JEunqcFxpLszA1JUrPSNLg13uD8V9tABaSS7lU:7unqAxpLszA1+SRgY8V71SSe

    Score
    10/10
    modiloaderdiscoverypersistencetrojan

    • ModiLoader, DBatLoader

      ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.

      trojanmodiloader

    • Modiloader family

      modiloader

    • ModiLoader Second Stage

    • Adds Run key to start application

      persistence

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks