Overview

overview

10

Static

static

3

JaffaCakes...98.exe

windows7-x64

10

JaffaCakes...98.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_1c0ee75595c06ee92f829fbf06710198

  • Size

    237KB

  • Sample

    250123-3nvgla1jej

  • MD5

    1c0ee75595c06ee92f829fbf06710198

  • SHA1

    7d90b75f2fa732511b4f8459dc1e91ec8944f9e4

  • SHA256

    d1b089f79f28d32676832588bf3b7ce2e8cad71f23f84544066cb9e85c792669

  • SHA512

    86ada2872cb95d2133b3db0dfa1a05ceb32c68c2c4a1f4225173e96f3793d9f4c7628d8dcb6a963690dafa0d97487037b3d2e3d87d092b069e3b5f29059a55a0

  • SSDEEP

    6144:UfVqfF+Nx6wk7tl7/kRUqBVyv3W/MMwohDewIw:wSQ2dhu0M7qw

Score
10/10
modiloaderdiscoverypersistencetrojan

Malware Config

Targets

    • Target

      JaffaCakes118_1c0ee75595c06ee92f829fbf06710198

    • Size

      237KB

    • MD5

      1c0ee75595c06ee92f829fbf06710198

    • SHA1

      7d90b75f2fa732511b4f8459dc1e91ec8944f9e4

    • SHA256

      d1b089f79f28d32676832588bf3b7ce2e8cad71f23f84544066cb9e85c792669

    • SHA512

      86ada2872cb95d2133b3db0dfa1a05ceb32c68c2c4a1f4225173e96f3793d9f4c7628d8dcb6a963690dafa0d97487037b3d2e3d87d092b069e3b5f29059a55a0

    • SSDEEP

      6144:UfVqfF+Nx6wk7tl7/kRUqBVyv3W/MMwohDewIw:wSQ2dhu0M7qw

    Score
    10/10
    modiloaderdiscoverypersistencetrojan

    • ModiLoader, DBatLoader

      ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.

      trojanmodiloader

    • Modiloader family

      modiloader

    • ModiLoader Second Stage

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks