Overview

overview

10

Static

static

7

e00ced37ce...18.exe

windows7-x64

10

e00ced37ce...18.exe

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    e00ced37ce53c1d435f4d837ef6f9121_JaffaCakes118

  • Size

    1.1MB

  • Sample

    241211-f2mycaymc1

  • MD5

    e00ced37ce53c1d435f4d837ef6f9121

  • SHA1

    a6da2c186c918d54a0ba81bbc771039aaa92c1fe

  • SHA256

    0622247cd546610207b2ab9aebfccada933800e7f102afcffdd74e8b9bf5dd08

  • SHA512

    a071c9a34e432d7dfa29cf0c7f031b4e247d239bda8446d6841c18116fd632459b6f09e15565ee65c5112101bb34344f7b823aea017279045fc9b0645680b1b3

  • SSDEEP

    24576:jryBIilke1Z4njD1cgvu6cIkyecGClpQZlzFCQUf9:GwRRG6VecGmpQLzFCQ

Score
10/10
modiloaderdiscoveryevasionpersistencethemidatrojan

Malware Config

Targets

    • Target

      e00ced37ce53c1d435f4d837ef6f9121_JaffaCakes118

    • Size

      1.1MB

    • MD5

      e00ced37ce53c1d435f4d837ef6f9121

    • SHA1

      a6da2c186c918d54a0ba81bbc771039aaa92c1fe

    • SHA256

      0622247cd546610207b2ab9aebfccada933800e7f102afcffdd74e8b9bf5dd08

    • SHA512

      a071c9a34e432d7dfa29cf0c7f031b4e247d239bda8446d6841c18116fd632459b6f09e15565ee65c5112101bb34344f7b823aea017279045fc9b0645680b1b3

    • SSDEEP

      24576:jryBIilke1Z4njD1cgvu6cIkyecGClpQZlzFCQUf9:GwRRG6VecGmpQLzFCQ

    Score
    10/10
    modiloaderdiscoveryevasionpersistencethemidatrojan

    • ModiLoader, DBatLoader

      ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.

      trojanmodiloader

    • Modiloader family

      modiloader

    • UAC bypass

      evasiontrojan

    • ModiLoader Second Stage

    • Executes dropped EXE

    • Themida packer

      Detects Themida, an advanced Windows software protection system.

      themida

    • Adds Run key to start application

      persistence

    • Checks whether UAC is enabled

      evasiontrojan
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks