Overview

overview

10

Static

static

3

JaffaCakes...49.exe

windows7-x64

10

JaffaCakes...49.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_714262a7a7bbf39256d333d4b5883b49

  • Size

    721KB

  • Sample

    250116-ksqp4aslb1

  • MD5

    714262a7a7bbf39256d333d4b5883b49

  • SHA1

    cba470a68080c499d50d99f337ef03fea0c8d1dd

  • SHA256

    26cd0bd1983a210a4e68b0ebb56029c17471d27d53cd2d8310bdb41c367d9191

  • SHA512

    cfa4c69d23ab8dc1f98a581f84062e4f919041aea627d30319f4925fdfe7a02eb796fcfd574a4ee1642327978b4f9a399e9fe1a0b97e1e7dd251fa400c8e0d97

  • SSDEEP

    12288:9c//////k7ymKeqPKgAlqOoh7rJZ9uIPMugRbg1MPNRUqPsbOGbBl4upep6duAe3:9c//////krBSlA0OmfJztVgYMFRULKik

Score
10/10
modiloaderdiscoverytrojan

Malware Config

Targets

    • Target

      JaffaCakes118_714262a7a7bbf39256d333d4b5883b49

    • Size

      721KB

    • MD5

      714262a7a7bbf39256d333d4b5883b49

    • SHA1

      cba470a68080c499d50d99f337ef03fea0c8d1dd

    • SHA256

      26cd0bd1983a210a4e68b0ebb56029c17471d27d53cd2d8310bdb41c367d9191

    • SHA512

      cfa4c69d23ab8dc1f98a581f84062e4f919041aea627d30319f4925fdfe7a02eb796fcfd574a4ee1642327978b4f9a399e9fe1a0b97e1e7dd251fa400c8e0d97

    • SSDEEP

      12288:9c//////k7ymKeqPKgAlqOoh7rJZ9uIPMugRbg1MPNRUqPsbOGbBl4upep6duAe3:9c//////krBSlA0OmfJztVgYMFRULKik

    Score
    10/10
    modiloaderdiscoverytrojan

    • ModiLoader, DBatLoader

      ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.

      trojanmodiloader

    • Modiloader family

      modiloader

    • ModiLoader Second Stage

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks