Overview

overview

10

Static

static

3

b17616556a...18.exe

windows7-x64

10

b17616556a...18.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    b17616556a113320becfd9f18570ed50_JaffaCakes118

  • Size

    449KB

  • Sample

    241129-qf5alsxkgz

  • MD5

    b17616556a113320becfd9f18570ed50

  • SHA1

    2237d961e38f9ef916aff348ca89c9a659c8f94e

  • SHA256

    d3d53fe306c2406cfa55942854f1bba20da772d000e50bf2108a50fba642063b

  • SHA512

    a2df8233c178cf55a036d72810ccf7da81e596656ae8e9a3e1d7d24d10e3b5008d6a77c5fa85268361dad7d29a6cbad6570ce4f17704fe4fcdcaf9af951b6fca

  • SSDEEP

    12288:dLZofw0Yg5fcgF1g2cZ13tiS/YJgRggqgvmMgy/:ZCzI8m2cZ1dWO51

Score
10/10
modiloaderdiscoverypersistencetrojan

Malware Config

Targets

    • Target

      b17616556a113320becfd9f18570ed50_JaffaCakes118

    • Size

      449KB

    • MD5

      b17616556a113320becfd9f18570ed50

    • SHA1

      2237d961e38f9ef916aff348ca89c9a659c8f94e

    • SHA256

      d3d53fe306c2406cfa55942854f1bba20da772d000e50bf2108a50fba642063b

    • SHA512

      a2df8233c178cf55a036d72810ccf7da81e596656ae8e9a3e1d7d24d10e3b5008d6a77c5fa85268361dad7d29a6cbad6570ce4f17704fe4fcdcaf9af951b6fca

    • SSDEEP

      12288:dLZofw0Yg5fcgF1g2cZ13tiS/YJgRggqgvmMgy/:ZCzI8m2cZ1dWO51

    Score
    10/10
    modiloaderdiscoverypersistencetrojan

    • ModiLoader, DBatLoader

      ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.

      trojanmodiloader

    • Modiloader family

      modiloader

    • ModiLoader Second Stage

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks