General

  • Target

    088a28ef186cfcbf728372ab4446d851_JaffaCakes118

  • Size

    620KB

  • Sample

    240620-wtppzavejm

  • MD5

    088a28ef186cfcbf728372ab4446d851

  • SHA1

    2eb70c41bda4e114ef59efa29e98f58628c0d1dd

  • SHA256

    5768e19bfcce008cbe7f51d5ba2422fe6fdabd35dfbadcacb2b811d85bb7161d

  • SHA512

    edbdc3562193b9086266e25f6803caa1b427ab0cef0443e4eee46a47c34fe12a45a9c4a4e92b556f480f16507f4d4bbdf1b677a6a8e062e61a673116812025b9

  • SSDEEP

    12288:uEX/qvxvfPFJWc5Ob0vfstuIZRfYcahfhcRoS4:uEvIxvXPL5OYvkw8RYHhO6S4

Malware Config

Targets

    • ModiLoader, DBatLoader

      ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.

    • ModiLoader Second Stage

    • Server Software Component: Terminal Services DLL

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks