General

  • Target

    069927ecd0fe6385714ab0dc8f468292_JaffaCakes118

  • Size

    1.6MB

  • Sample

    240620-q68qqa1cnd

  • MD5

    069927ecd0fe6385714ab0dc8f468292

  • SHA1

    5874a410ffb74e3b7df4bff3fe70240890fe3607

  • SHA256

    50c0bff040f273b971e79a21316c44044c0474116234538eceb19f0c628aca58

  • SHA512

    3f45b3646143db01e0f598b72520d58f2795dd93dfb14fa68eba5e93790dce88a01e144296c78fd0446623b4ea4aa9098ad5a5d73ce4dfc7ff2fbf136979aad3

  • SSDEEP

    49152:ntOeuo7SI/AkOl+cGgigiSrkT6sLD2rdf:tdu0MY8lrepC

Malware Config

Targets

    • Target

      069927ecd0fe6385714ab0dc8f468292_JaffaCakes118

    • ModiLoader, DBatLoader

      ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.

    • ModiLoader Second Stage

    • Identifies Wine through registry keys

      Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.

MITRE ATT&CK Enterprise v15

Tasks