General

  • Target

    09b08ef9cc21337e994d034e0d89fcb9_JaffaCakes118

  • Size

    685KB

  • Sample

    240620-12bwastcpl

  • MD5

    09b08ef9cc21337e994d034e0d89fcb9

  • SHA1

    e0bdb668fc9641aabf48084b09b8f8e88cef1043

  • SHA256

    44f7f0b048b37ccde8b257eeca4156e96aee9e3e8b43ad0a23de8215c46459e2

  • SHA512

    b8f68263167f57ba33844618f8ef754b3c81a5cc8c57b3a3c64e69b474714ac42b07e8dda0e66eaa23a21210943df27d266191d0acf00bd3dce82ec9619e1b92

  • SSDEEP

    12288:iJ9KSBADXsTZmUwpnLLYjFVN2e0jZACuxEMbSW9rWNgvEmzpmzWMR:8A7im9/AFj70SHx7WW9XvEksR

Score
10/10
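To confirm that a locally held file is the sample this report describes, compare all four digests listed above rather than MD5 alone (MD5 collisions are cheap to produce; SHA-256 and SHA-512 are not). The Python below is an added example, not part of the original report or of the sandbox's own tooling; it embeds the report's digests and checks an in-memory blob or a file on disk against them, returning a per-algorithm verdict so a hand-copied IOC set that is only partially wrong is visible.

```python
import hashlib

# Digests copied from the report above. The sample itself is not included here.
REPORT_IOCS = {
    "md5": "09b08ef9cc21337e994d034e0d89fcb9",
    "sha1": "e0bdb668fc9641aabf48084b09b8f8e88cef1043",
    "sha256": "44f7f0b048b37ccde8b257eeca4156e96aee9e3e8b43ad0a23de8215c46459e2",
    "sha512": (
        "b8f68263167f57ba33844618f8ef754b3c81a5cc8c57b3a3c64e69b474714ac4"
        "2b07e8dda0e66eaa23a21210943df27d266191d0acf00bd3dce82ec9619e1b92"
    ),
}

ALGORITHMS = ("md5", "sha1", "sha256", "sha512")


def compute_hashes(data: bytes) -> dict:
    """Hex digests of all four report algorithms for a blob already in memory."""
    return {name: hashlib.new(name, data).hexdigest() for name in ALGORITHMS}


def hash_file(path: str, chunk_size: int = 1 << 20) -> dict:
    """Stream a file once through every hasher, so large samples need not be
    read into memory in full."""
    hashers = {name: hashlib.new(name) for name in ALGORITHMS}
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            for h in hashers.values():
                h.update(chunk)
    return {name: h.hexdigest() for name, h in hashers.items()}


def compare_to_report(actual: dict, report: dict = REPORT_IOCS) -> dict:
    """One verdict per algorithm. A missing digest in `actual` counts as a
    mismatch, so a partially filled-in IOC set cannot silently pass."""
    return {
        name: actual.get(name, "").lower() == expected.lower()
        for name, expected in report.items()
    }


def is_reported_sample(actual: dict, report: dict = REPORT_IOCS) -> bool:
    """True only when every digest in the report matches."""
    return all(compare_to_report(actual, report).values())


if __name__ == "__main__":
    import sys
    for path in sys.argv[1:]:
        verdicts = compare_to_report(hash_file(path))
        print(path, "MATCH" if all(verdicts.values()) else "NO MATCH", verdicts)
```

Run it as `python check_hashes.py suspect.bin` (file name assumed); a full match means the file is byte-for-byte the sample analysed here, while a mismatch on one algorithm only points at a transcription error in the IOC list rather than a different file.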

Malware Config

Targets

    • Target

      09b08ef9cc21337e994d034e0d89fcb9_JaffaCakes118

    • ModiLoader, DBatLoader

      ModiLoader (also tracked as DBatLoader) is a loader written in Delphi. It abuses legitimate public cloud file-hosting services to retrieve its next-stage payloads, which belong to other malware families, so the download traffic blends in with ordinary cloud usage.

    • ModiLoader Second Stage

      Behaviour matching ModiLoader's second-stage component was observed, i.e. the stage that unpacks and launches the retrieved payload.

    • Executes dropped EXE

      The sample wrote an executable to disk during the run and then started it as a new process.

    • Loads dropped DLL

      The sample wrote a DLL to disk during the run and then loaded it into a process.

    • Suspicious use of SetThreadContext

      The sample called SetThreadContext, which rewrites a thread's register state. Software other than debuggers rarely needs it; loaders use it to point a suspended thread at injected code, typically as the final step of process hollowing (create a process suspended, overwrite its memory, set the thread context to the new entry point, resume).
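The three behavioural signatures above are generic: each fires on a relationship between events in the sandbox's API trace, not on anything specific to ModiLoader. The Python below is an added example, not the sandbox's own signature code, that implements equivalent logic over a small constructed trace. The event format, process IDs and file paths are invented for illustration and are not taken from the real run of this sample. The SetThreadContext rule flags only the hollowing-style sequence (a process the caller created suspended, wrote into, and then retargeted) and ignores SetThreadContext calls aimed at the caller's own process, so it does not fire on benign self-manipulation.

```python
# Win32 CreateProcess dwCreationFlags bit for starting the child suspended.
CREATE_SUSPENDED = 0x00000004

# Constructed API trace, one dict per call in chronological order.
# PIDs, paths and field names are invented; they are not from the real sample.
SAMPLE_TRACE = [
    {"pid": 100, "api": "NtWriteFile", "path": r"C:\Users\Public\stage2.exe"},
    {"pid": 100, "api": "NtWriteFile", "path": r"C:\Users\Public\helper.dll"},
    {"pid": 100, "api": "SetThreadContext", "target_pid": 100},  # own process: benign
    {"pid": 100, "api": "CreateProcessW", "image": r"C:\Users\Public\STAGE2.EXE",
     "flags": 0, "child_pid": 200},
    {"pid": 200, "api": "LoadLibraryW", "path": r"C:\Users\Public\helper.dll"},
    {"pid": 200, "api": "CreateProcessW", "image": r"C:\Windows\System32\svchost.exe",
     "flags": CREATE_SUSPENDED, "child_pid": 300},
    {"pid": 200, "api": "WriteProcessMemory", "target_pid": 300},
    {"pid": 200, "api": "SetThreadContext", "target_pid": 300},
    {"pid": 200, "api": "ResumeThread", "target_pid": 300},
]


def _norm(path: str) -> str:
    # Windows paths are case-insensitive; compare them in one case.
    return path.lower()


def dropped_files(trace) -> set:
    """Paths the monitored processes wrote to disk during the run."""
    return {_norm(e["path"]) for e in trace if e["api"] == "NtWriteFile"}


def executes_dropped_exe(trace) -> list:
    """Processes started from an image that was written earlier in the trace."""
    dropped = dropped_files(trace)
    return [e["image"] for e in trace
            if e["api"] == "CreateProcessW" and _norm(e["image"]) in dropped]


def loads_dropped_dll(trace) -> list:
    """Libraries loaded from a path that was written earlier in the trace."""
    dropped = dropped_files(trace)
    return [e["path"] for e in trace
            if e["api"] == "LoadLibraryW" and _norm(e["path"]) in dropped]


def suspicious_set_thread_context(trace) -> list:
    """(caller, target) pairs where the caller created the target suspended,
    wrote into it, and then changed its thread context: the hollowing sequence.
    SetThreadContext on the caller's own process is not flagged."""
    suspended_by = {}   # child pid -> pid that created it suspended
    written = set()     # (caller, target) pairs seen in WriteProcessMemory
    hits = []
    for e in trace:
        if e["api"] == "CreateProcessW" and e.get("flags", 0) & CREATE_SUSPENDED:
            suspended_by[e["child_pid"]] = e["pid"]
        elif e["api"] == "WriteProcessMemory":
            written.add((e["pid"], e["target_pid"]))
        elif e["api"] == "SetThreadContext":
            caller, target = e["pid"], e["target_pid"]
            if (target != caller and suspended_by.get(target) == caller
                    and (caller, target) in written):
                hits.append((caller, target))
    return hits


SIGNATURES = {
    "Executes dropped EXE": executes_dropped_exe,
    "Loads dropped DLL": loads_dropped_dll,
    "Suspicious use of SetThreadContext": suspicious_set_thread_context,
}


def run_signatures(trace) -> dict:
    """Signature name -> list of supporting events (empty list means no hit)."""
    return {name: rule(trace) for name, rule in SIGNATURES.items()}


def fired(trace) -> list:
    """Sorted names of the signatures that matched at least once."""
    return sorted(name for name, hits in run_signatures(trace).items() if hits)


if __name__ == "__main__":
    for name, hits in run_signatures(SAMPLE_TRACE).items():
        print(f"{name}: {hits or 'no hit'}")
```

The ordering check matters: a SetThreadContext that precedes the WriteProcessMemory, or one aimed at a process the caller did not create suspended, is not reported, which keeps the rule focused on the injection pattern rather than on every use of the API.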

MITRE ATT&CK Enterprise v15

Tasks