Overview

overview

10

Static

static

10

b5cb8889df...18.exe

windows7-x64

10

b5cb8889df...18.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    b5cb8889df4415b9feb3a049cd711a40_JaffaCakes118

  • Size

    156KB

  • Sample

    241202-abvmlstngl

  • MD5

    b5cb8889df4415b9feb3a049cd711a40

  • SHA1

    650943ed273762cf49f70b67b5a2415572c2e624

  • SHA256

    e1170747a5dc124aa7a338d58c114d11ea9e8f7d96e9ce586a672949c233ad0a

  • SHA512

    3e2a33b875e22dcd096e78fb42211aaf076d3cfc22df76c2e1853b98347470f66d92de6f757675b28095928f79b2499317e4c4017f4d8908ab2f249189636dd5

  • SSDEEP

    3072:w717UD0ekjKlSVgwFluaGRgT/MvjNrHDx6f3Xmixq4raMI:w717UpGKlSWwFluaGRgD8+f3pxjbI

Score
10/10
modiloaderdiscoverypersistencetrojan

Malware Config

Targets

    • Target

      b5cb8889df4415b9feb3a049cd711a40_JaffaCakes118

    • Size

      156KB

    • MD5

      b5cb8889df4415b9feb3a049cd711a40

    • SHA1

      650943ed273762cf49f70b67b5a2415572c2e624

    • SHA256

      e1170747a5dc124aa7a338d58c114d11ea9e8f7d96e9ce586a672949c233ad0a

    • SHA512

      3e2a33b875e22dcd096e78fb42211aaf076d3cfc22df76c2e1853b98347470f66d92de6f757675b28095928f79b2499317e4c4017f4d8908ab2f249189636dd5

    • SSDEEP

      3072:w717UD0ekjKlSVgwFluaGRgT/MvjNrHDx6f3Xmixq4raMI:w717UpGKlSWwFluaGRgD8+f3pxjbI

    Score
    10/10
    modiloaderdiscoverypersistencetrojan

    • ModiLoader, DBatLoader

      ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.

      trojanmodiloader

    • Modiloader family

      modiloader

    • ModiLoader Second Stage

    • Adds Run key to start application

      persistence

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks