Overview

overview

10

Static

static

3

e7e4fc0e0f...18.exe

windows7-x64

10

e7e4fc0e0f...18.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    e7e4fc0e0f15a1a06b7568a28d31444f_JaffaCakes118

  • Size

    369KB

  • Sample

    241212-x3dvhawqgr

  • MD5

    e7e4fc0e0f15a1a06b7568a28d31444f

  • SHA1

    2f30ac64766ef76ca0b91ec1fd9822471b84ddbc

  • SHA256

    e0b2776449a62021edd9c6db50687ca7d5fa80a974f1198f2125c6deb6db9b43

  • SHA512

    609c6c29ea5d3ba8c4afe6519b31c10e7170f48e3b88d21dbe4f21381d2741fa32aa79b6382b7ca91fd0df30198e9b7173656e80c855b3c4d3f832ba233e79da

  • SSDEEP

    6144:JkX3FZVXXIzo0mSoEbLU07+tlVpu8gprhnp0uzlbKpC2sglxDUfksFtGnE74pW:JkX3fVyo0mSon07uru8mHsC2def8Y4pW

Score
10/10
modiloaderdiscoverytrojan

Malware Config

Targets

    • Target

      e7e4fc0e0f15a1a06b7568a28d31444f_JaffaCakes118

    • Size

      369KB

    • MD5

      e7e4fc0e0f15a1a06b7568a28d31444f

    • SHA1

      2f30ac64766ef76ca0b91ec1fd9822471b84ddbc

    • SHA256

      e0b2776449a62021edd9c6db50687ca7d5fa80a974f1198f2125c6deb6db9b43

    • SHA512

      609c6c29ea5d3ba8c4afe6519b31c10e7170f48e3b88d21dbe4f21381d2741fa32aa79b6382b7ca91fd0df30198e9b7173656e80c855b3c4d3f832ba233e79da

    • SSDEEP

      6144:JkX3FZVXXIzo0mSoEbLU07+tlVpu8gprhnp0uzlbKpC2sglxDUfksFtGnE74pW:JkX3fVyo0mSon07uru8mHsC2def8Y4pW

    Score
    10/10
    modiloaderdiscoverytrojan

    • ModiLoader, DBatLoader

      ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.

      trojanmodiloader

    • Modiloader family

      modiloader

    • ModiLoader Second Stage

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks