Overview

overview

10

Static

static

3

19e08011fb...18.exe

windows7-x64

10

19e08011fb...18.exe

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    19e08011fb339f18cbb5d2c2c85db3a6_JaffaCakes118

  • Size

    44KB

  • Sample

    240628-m4yk7awcjh

  • MD5

    19e08011fb339f18cbb5d2c2c85db3a6

  • SHA1

    c7f2ff109124c4fcd12c1578da3ec07d0061644f

  • SHA256

    5a65e6273b9245dca62c3b5ccb748fb53898827074f3f2609ba9b39ea3e1cedb

  • SHA512

    e67eae6681499334394f9a68baea629c8c8510f23dd129dffa644ea702f797aae23890af42a3b43390860f9f61c41968fdaf768fb5b01fc99b8b0d4a9eb1d0d1

  • SSDEEP

    768:TzB4YaZ6uCKMrsRP1kQOvi7Q7uWPFz0EJ0PtuOi68FD7X9M9s8ecZuff/Ym6/IB4:TCYaZ9hRP8vi74FgEJ017i9FnONAfYmE

Score
10/10
modiloadertrojan

Malware Config

Targets

    • Target

      19e08011fb339f18cbb5d2c2c85db3a6_JaffaCakes118

    • Size

      44KB

    • MD5

      19e08011fb339f18cbb5d2c2c85db3a6

    • SHA1

      c7f2ff109124c4fcd12c1578da3ec07d0061644f

    • SHA256

      5a65e6273b9245dca62c3b5ccb748fb53898827074f3f2609ba9b39ea3e1cedb

    • SHA512

      e67eae6681499334394f9a68baea629c8c8510f23dd129dffa644ea702f797aae23890af42a3b43390860f9f61c41968fdaf768fb5b01fc99b8b0d4a9eb1d0d1

    • SSDEEP

      768:TzB4YaZ6uCKMrsRP1kQOvi7Q7uWPFz0EJ0PtuOi68FD7X9M9s8ecZuff/Ym6/IB4:TCYaZ9hRP8vi74FgEJ017i9FnONAfYmE

    Score
    10/10
    modiloadertrojan

    • ModiLoader, DBatLoader

      ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.

      trojanmodiloader

    • ModiLoader Second Stage

    • Drops file in Drivers directory

    • Deletes itself

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

2
T1112

Credential Access

Discovery

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks