General

  • Target

    066da7532dcbd1aeb953913b05a2a28a_JaffaCakes118

  • Size

    188KB

  • Sample

    240620-qre5vsthmk

  • MD5

    066da7532dcbd1aeb953913b05a2a28a

  • SHA1

    6ed493953e95ed855451e6bc5e45c392616fab87

  • SHA256

    dff99e7e4d6b0af841be4677ec2f02ab2e79d89baf64395963c6e00f89660023

  • SHA512

    428aa98bde978630429f76305d34e41ce9779497aad90420438288755719d5effba3d37ee1131e1f468a685011681c8dde60284e4edde02680cfa01fa115587b

  • SSDEEP

    3072:rPTId1i83KPYuW/J+hoNgOIvi8YsdYZ4JPULOb7cos/eDTmOLC4K:rLox3KPYZ/y48YsC4C6PcEDTbLC

Score
10/10

Malware Config

Targets

    • ModiLoader, DBatLoader

      ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.

    • ModiLoader Second Stage

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

MITRE ATT&CK Matrix

Tasks