General

  • Target

    09422e47a95b1c2fad54d948843b9f0c_JaffaCakes118

  • Size

    404KB

  • Sample

    240620-yl9fhsygnq

  • MD5

    09422e47a95b1c2fad54d948843b9f0c

  • SHA1

    a3db3f2f5b272cd51d2b312ba9a388788b78bed4

  • SHA256

    139cff125dc1eac257e9a7b5dd3971f7c0d924e4a6f469b18c2f08637a5f4c2e

  • SHA512

    7b2173c53299c59d0af309f077a31d95cb144ca4a505e0edfff2e88e5a1834ea63545da5742e35c12c435e9b1c897629612cfa6180bfc57ac6ccaf5eb6d7a0be

  • SSDEEP

    12288:piKf9rHXYBKnolmQ1DUbESnDkosH7ITHD9j3w99ZcE:piKfh3Y4hhsCHxj3S9ZN

Score
10/10

Malware Config

Targets

    • ModiLoader, DBatLoader

      ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.

    • ModiLoader Second Stage

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified variant of it.

    • Drops file in System32 directory

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15