Overview

overview

10

Static

static

3

1b7a399fe9...18.exe

windows7-x64

10

1b7a399fe9...18.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1b7a399fe9f7737db25bc85f76a7aeaa_JaffaCakes118

  • Size

    538KB

  • Sample

    240701-qrrhwstgqb

  • MD5

    1b7a399fe9f7737db25bc85f76a7aeaa

  • SHA1

    218696935c98ac38a25fa267b2dfe9d1f76df9f1

  • SHA256

    eaf4edcfb000daf20c71df4db936b96c7cd66b108e5832fbab609e3848de77cc

  • SHA512

    971008dfb63355188421868ac4a837356a898e7b7933aa42204b164fb7adf71312c66bfe2b582100ec68dc4e317c4cc35fc7a294c00f0ecaaf149c1730f249fc

  • SSDEEP

    12288:XNXi8Pg9rCudUTdp4CpNllF3Z4mxxNcVYLqagaRrS0p:EesCu+TACnllQmXSVYl3

Score
10/10
modiloadertrojan

Malware Config

Targets

    • Target

      1b7a399fe9f7737db25bc85f76a7aeaa_JaffaCakes118

    • Size

      538KB

    • MD5

      1b7a399fe9f7737db25bc85f76a7aeaa

    • SHA1

      218696935c98ac38a25fa267b2dfe9d1f76df9f1

    • SHA256

      eaf4edcfb000daf20c71df4db936b96c7cd66b108e5832fbab609e3848de77cc

    • SHA512

      971008dfb63355188421868ac4a837356a898e7b7933aa42204b164fb7adf71312c66bfe2b582100ec68dc4e317c4cc35fc7a294c00f0ecaaf149c1730f249fc

    • SSDEEP

      12288:XNXi8Pg9rCudUTdp4CpNllF3Z4mxxNcVYLqagaRrS0p:EesCu+TACnllQmXSVYl3

    Score
    10/10
    modiloadertrojan

    • ModiLoader, DBatLoader

      ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.

      trojanmodiloader

    • ModiLoader Second Stage

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks