General

  • Target

    0c61272c28ead2514252692587911331_JaffaCakes118

  • Size

    12.6MB

  • Sample

    240501-vt6staec24

  • MD5

    0c61272c28ead2514252692587911331

  • SHA1

    fd60d3d31c54f3a259fdca589f425084fb04438d

  • SHA256

    8e5fa699043793694cac69970b308a0b4760d69ab4b7165551c11dfd63d194f3

  • SHA512

    b19d3b64b25f6f01e77c79479cdd58a49a1bd40ecb80feb3cc8454ebe17c55ed85e3a81061d43969555f379e086d28c742b44f025bfd7b8ff949dbcaa5a33eac

  • SSDEEP

    393216:2NKib/yAsEun8NgJJYZL+gD6OZlvWJ+R14AAbBn2tkl:2IK/yASVALn6f+IRnqkl

Score
10/10

Malware Config

Targets

    • Target

      tapi/bpl/DclRx6.bpl

    • Size

      167KB

    • MD5

      24e94163ef28970bc7326118ebd14039

    • SHA1

      0373786151fb413ddb36225891fd605d44c3394c

    • SHA256

      db23c63bb7aec978ef5ae06f71a308f03f99f52a253a46090e47d72265da6ddf

    • SHA512

      7a7b51a6c3df1494e816136c7e129e0e857de572090e20aa94498012e281394cf8d8c290dec4819fd946818c2a667ff6ed2405b8d506fdc29af3a85450bf4bdf

    • SSDEEP

      3072:47wdeXFzXBoJ+dLD6I3Z7tNJzYd3sqmjpBSvOJ8p:4EkpCIlOI3NWB

    Score
    10/10
    • ModiLoader, DBatLoader

      ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.

    • ModiLoader First Stage

    • Target

      tapi/bpl/Dclent40.bpl

    • Size

      34KB

    • MD5

      782870eb3fac7798a1ec75cf3705929b

    • SHA1

      b573f74134e0b29f6861e048dcd49ac481f13350

    • SHA256

      0ac279bf739ad6b36081a52df43cc5ea32ea10676ddfc2a26524346be8238e09

    • SHA512

      538e6c1a1282aea0dc4a3cdb9fe6403f0a17ca0ca180648b7f5e721ec4115ab21e1aa53ce3812a65719a9e59562a73b3507296cc407b84f62b57dcc8c866499e

    • SSDEEP

      768:/mQZnz2z6/ib97JLJzBIBZN6ws0G40MSuxoX:/mvdLJ9YZtsx40MSuaX

    Score
    3/10
    • Target

      tapi/bpl/FlatStyle_D6.bpl

    • Size

      335KB

    • MD5

      446465178fd0eb861e65237245eb84e8

    • SHA1

      b885731c8b13bfd111519eafbcdf87e04915f09e

    • SHA256

      ddc97ecae4b3fb851f7af7821b4a9437dc69c4a69bb68dda3683568d440198bc

    • SHA512

      6d624d9c2089941e2044f3fec2b5e7e5942c24ab096943d3b5202878742ebb2b1defcc2a88f98961cb3c99d79f354b8b5261a17e742a52861a7f6002841f9a7c

    • SSDEEP

      6144:gNeWzmJ7M84tZGQDqnykkqvoWLNMihJ/:ae4+484tZ+keoO9

    Score
    1/10
    • Target

      tapi/bpl/Idl2PasWizardPkg.bpl

    • Size

      80KB

    • MD5

      bb7b10875e680d05dc827c88834d13b7

    • SHA1

      f5a2a9c1e429a39987c4c7e110d2e174600f3b06

    • SHA256

      e18eae36e0bd784c02124d25beed20a5d5641b202ed7595bcaf1dab6ba63a173

    • SHA512

      62fd4436722bcb568ec92c2c65f95dfc5cd5ff7884c6869c4909594fc873de7c2896926fa538b9161462a213920866ffeb9a6fd5e4eb7cd2f85990872eaf442a

    • SSDEEP

      1536:t4zWC1S1Fg1z18yG6N7J6YF6KO91y+aa1bgTk6Lv:KzWwQFgRW6N7J6YY90n6gA6Lv

    Score
    1/10
    • Target

      tapi/bpl/Indy60.bpl

    • Size

      1.0MB

    • MD5

      35d5fb520ebcff3db9be5ad093c3dbf5

    • SHA1

      b3a560565d1914b8a508a1acca31ec1e8356d66f

    • SHA256

      aec7519a7fe775ee1917fbd5d2aaee267f22c8b580cfeade4f99becc44152855

    • SHA512

      9ba84018e45c3a73ee1500ac2ca285d563bfeb7e4424475b9b4396163172278e46446f5dad4f9e4097a78edf2b081e1b57a0371405834125c373856cd620f71a

    • SSDEEP

      12288:/czA6vYx92vrxYQW3/Dg447FUSPnqnPcM1MHi77r5iAnjimBeOvB:/d6Qx92vrxFS/DgPuSiPrqHi7ziie

    Score
    1/10
    • Target

      tapi/bpl/Osgdcld6.bpl

    • Size

      470KB

    • MD5

      a8b4997582144e5572d66eb6c3dd45b6

    • SHA1

      d57b194704965ada050c89efb9455c38f6ea72ae

    • SHA256

      6dc7c9f6b8209be9b002cc690e9f995bcebc28398a50a153ba7e8d0146c39a1a

    • SHA512

      8bc8e4630a7529e933f3e79e6f76d5823dcb9cef938d42992552af6d34654f3d1c166e7226b2071580c7eed54505925feefcf5af78bf36c31fce753ccd64fb64

    • SSDEEP

      6144:+Z3eRN26vBBirbk/mHqN5SOMJS7HgXkY6F7X1UTCJSBEQnPZpePaFE:+Zu32Zbk+KN5OJS7GPZl

    Score
    1/10
    • Target

      tapi/bpl/RealGrid6.bpl

    • Size

      366KB

    • MD5

      619f8c6a30eddbd3ab01a2513f8fbf4f

    • SHA1

      e9224ee46acc78e0c7bbbf7ad9f4caedfd04ed9c

    • SHA256

      fc9e444947d8632f3fdfe0c4b0ce3957b78ebd4c07c1fc43b60a91b0377d7c8a

    • SHA512

      4ac028ef5fd1076a522c27ee73b402b5177afdda453b0ef3b3c26893273bacb4d8fd74143160e234eb853b9c8948b291d28c2264211561f78c170c41a85cf05c

    • SSDEEP

      6144:nnhCUiYxk/pUwv9WindMAgfP//fmwvNwFC1OOAsMREGfBRi:nnDi//p3WQdMAgfP//fmwvN+OMBRi

    Score
    1/10
    • Target

      tapi/bpl/RealGridDB6.bpl

    • Size

      108KB

    • MD5

      62ae72fe05926c2fdc8ebc057766df32

    • SHA1

      d2f28d54d19e830cd55e56443750754a68c0a8d0

    • SHA256

      dcbb46f2f1797c03d923571ea1224206f9ce31551cb095f52a347f148e3f64ed

    • SHA512

      0cf65e5a17af6ff839b9d79d482e0845a6cd3177adf1cd5bf2280bbe0044543a1c01573cffdecb8899570bb60572d1f3ef598aa7b28cee059d73b76ce9da8be6

    • SSDEEP

      1536:mvIhgygYZDQ+2Q/ZN/cR3vD/skvHkEtr/CT3w3ag0qFYJoYghvfKF/f3rtejVV32:P8IrqfvEsublqaJoYd/aVZEoGFG6

    Score
    1/10
    • Target

      tapi/bpl/RealGridEX6.bpl

    • Size

      66KB

    • MD5

      3338234881250cbb398d0e25bc38c9a9

    • SHA1

      3778017b694fd76145c4cf0b6eb7c76154307839

    • SHA256

      26c677ce67f14925fed3a0ead1ca6d0a22b382e1714ff6c067a0686b025f7ff0

    • SHA512

      b6423bab008e656912559af1704d4c87a32eaa010e28315e1d4e07a162923f23415e5d7580a5d92f8be36d65a56bcd1d81e14f8227727311d177583190b0b8a6

    • SSDEEP

      1536:gpYQWYs0fIfiHJaQyG6ArPLJAYZljeH/7wsAR+u:gpbWYsmymUXOrTJAYHjef7wsAz

    Score
    1/10
    • Target

      tapi/bpl/Vclent40.bpl

    • Size

      196KB

    • MD5

      33d702787d39ae2bd4a8c391c8261856

    • SHA1

      19d6de8130ad4ec64212f363348a850766d3916d

    • SHA256

      e75a6266b65b4c0d348f2547f6df1a111877a903b02f15a5c12309c07786ebef

    • SHA512

      f621ad083a4a0e90407bfb938ae7f270aa863350322a653508b0762e2ba014a418a59158904852e27ceafbb43e77f0474b2b3c1f18c3f1a2d4e0059f35958434

    • SSDEEP

      6144:3ytoSPTTYwuVi2mYJMZwgLjB640jRs7mmFsefWjxOpi7r3WSJsbut:3ZSPTTYwMVBJZx40jRs7mmFsefWjxOp

    Score
    3/10
    • Target

      tapi/bpl/XDBGrid60.bpl

    • Size

      219KB

    • MD5

      7d553ee0d4692f400e2b454c409f02aa

    • SHA1

      b04763f40d568e614b20e90560a3fbc65ca8f048

    • SHA256

      cbb4f38f44442bb6fc79b8bce56ffa42d1a824555aaebbdefeaea4a27e90a459

    • SHA512

      1bbf441e928793b76b49b09c6a5034298914228dc814d792fd36f82c004b92bb8ce0c7080c1db1c77c915a506a4c8ba84c554469a2a8715770f2a13d0f087b96

    • SSDEEP

      3072:kEC/FbHHXzCb/dG715qqu/E94JSYtfoLCoCoiCxAaJcD/:FC/5ncW15V98CcD

    Score
    1/10
    • Target

      tapi/bpl/adortl60.bpl

    • Size

      145KB

    • MD5

      bfa2af95db472ee11b7a90771cbcd056

    • SHA1

      9f12b353bab764b9e58025ff7bedf6f6bbc80183

    • SHA256

      851873d384ab644cb2d55305a6a6ba240dfb3b97ee2c736a50d8ebc44493814f

    • SHA512

      629a4dac346fdc8f922e864a718a4f12e52eb9e8541fb6ea56fdb46783a0bdbb4aff27be2694fcd88aaef87859bc8ca3a6f7f6b9445b87c88017d532a70fae10

    • SSDEEP

      3072:FSu7hZrpfpIuPuvukchWL10o4RZFgGJ3YTpXISsOw2:FSoqGm+hWEoGO

    Score
    1/10
    • Target

      tapi/bpl/applet60.bpl

    • Size

      53KB

    • MD5

      f171113296e47a32318cd87350f40e47

    • SHA1

      07ea40080fac3684b591bd5812665048a035b57f

    • SHA256

      26b19a81e3f5ec33e05cc070934d86e789d1e4bd929e4ec7566a3b6e23e119eb

    • SHA512

      03ebeabbbe70d245787cc7be0f3a1198a3ab9f0f7a0a357ae0377f9744dc57af7df1b5e170004343133ea63365e4539f3dc23a37196be2f7dbab21fcfa64516d

    • SSDEEP

      768:aNj/BVFwmkNzFD3CImTtm8FCOLQJgBIBKJaZF/4NAsoNfHyxwWQqwLxd/i:avwmyRR8qJwYbQNAfVdFi

    Score
    1/10
    • Target

      tapi/bpl/bdertl60.bpl

    • Size

      217KB

    • MD5

      b87ef5f1ed15cfdedadab33fa7ed3beb

    • SHA1

      a80521bd90beb801cd0536789e6661a7dc3b8d07

    • SHA256

      b56d3e643fb1eef7018aa120ddab53ae0402ef997e1441a1ad7ff4ce25f79658

    • SHA512

      fdd5aeef55e17a83bc3d62496b72bc9c668f4b4c7991d48c5935f6a006cf78a395dc12c0fa611891b5dfcfcb1574b95eaf375451584bb99d4cfa8228cfda4acb

    • SSDEEP

      3072:86urwEZGSLNKvsf4NeySKUMJ/IZQQCcdh4kjJHYl2NDdjlGgu3owBe:85cEp4Q73MdGycj4D4DdjlGgu

    Score
    1/10
    • Target

      tapi/bpl/borlndmm.dll

    • Size

      21KB

    • MD5

      3e7deddeee7dac29cd4dbbf079d33860

    • SHA1

      2486135de57224740428a3f4f5fc33757096cd80

    • SHA256

      e7b3218d1ef0d16fe29674144dc2f887f281687476b5ba4625cbdd680c22a92a

    • SHA512

      9c1a997ce270d7b40a39a0485137845688c3f943fa5f6ccf32635c0964f0adf21543b967450b9ee64427167ddd1f623d0c62d912032e01bddd896dc7c19eab46

    • SSDEEP

      384:XaUsCZSqwPFszghel6ZWgAxIqx0BsyO3QfnOzQnHN:XarCsqqFszgQcLAxIqbhQ2Qnt

    Score
    3/10
    • Target

      tapi/bpl/clxdesigner60.bpl

    • Size

      231KB

    • MD5

      fd4258fede68b1d7013eb8760dbca7df

    • SHA1

      ca682d10909a48c72dfe289e249b8bbe7711a73e

    • SHA256

      5c33016c6a853ac062b40372bccf0eb7ffe674047cebf1babea981546dbb0881

    • SHA512

      3ac52120a7333904644db4d134f71da9a820f819cac5abc5c8d6c25fe46ad370c93ec3edc4bbd6cb79b6bd41753497471e2d2dfa87cf9b9fcc9bc91c193e277e

    • SSDEEP

      3072:Q89eiUvOIMTAXIJ880ujhC6wDhI1Nk+y30JFY5e5efbXlgG7k5Edn6MJYwruHdaT:giUjmbW8N7wMNk+aVjCZNQ

    Score
    1/10

MITRE ATT&CK Matrix

Tasks

static1

modiloader
Score
10/10

behavioral1

modiloader trojan
Score
10/10

behavioral2

modiloader trojan
Score
10/10

behavioral3

Score
3/10

behavioral4

Score
1/10

behavioral5

Score
1/10

behavioral6

Score
1/10

behavioral7

Score
1/10

behavioral8

Score
1/10

behavioral9

Score
1/10

behavioral10

Score
1/10

behavioral11

Score
1/10

behavioral12

Score
1/10

behavioral13

Score
1/10

behavioral14

Score
1/10

behavioral15

Score
1/10

behavioral16

Score
1/10

behavioral17

Score
1/10

behavioral18

Score
1/10

behavioral19

Score
3/10

behavioral20

Score
1/10

behavioral21

Score
1/10

behavioral22

Score
1/10

behavioral23

Score
1/10

behavioral24

Score
1/10

behavioral25

Score
1/10

behavioral26

Score
1/10

behavioral27

Score
1/10

behavioral28

Score
1/10

behavioral29

Score
3/10

behavioral30

Score
1/10

behavioral31

Score
1/10

behavioral32

Score
1/10