General

  • Target

    06b517c713cc0b4e756b45fdc8acf1cc_JaffaCakes118

  • Size

    489KB

  • Sample

    240620-rhsj9s1hjb

  • MD5

    06b517c713cc0b4e756b45fdc8acf1cc

  • SHA1

    db86c65576bfbdc1f613a4355b5e6a10a3623d25

  • SHA256

    920cb1a3075dbe21869204882d4d656174cf20eea591cb6f0c9b3d7668473151

  • SHA512

    c8d17c1b7144ff4f804b87ae17245a5c526ed042e742c7b34a7aeffeb210e4e98bcc0bd8793d947aced46d1294d369b40b09be0b1b2525767b5cc04e724538c2

  • SSDEEP

    12288:GZnQqhF6HR9OLqCR3ktyF3Z4mxxnfVJDTYB:6nthF6baqGktyQmXf3De

Malware Config

Targets

    • ModiLoader, DBatLoader

      ModiLoader is a Delphi-based loader that abuses cloud services to download other malware families.

    • ModiLoader Second Stage

    • Server Software Component: Terminal Services DLL

    • Deletes itself

    • Loads dropped DLL

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks