General

  • Target

    22b62c04cb38eb7cb5be178505ec0b75_JaffaCakes118

  • Size

    25KB

  • Sample

    240703-r1d5lavdlm

  • MD5

    22b62c04cb38eb7cb5be178505ec0b75

  • SHA1

    1ce0f92d71cc659fe5292046cf3a8f8fafc7fed9

  • SHA256

    fa87e65a27d551ba7fa41e709e5ce4ea6f250563706d039822ceaf0ba74e7c82

  • SHA512

    78e0d3b4527fdb5e408601446d1ef38f4066d2d3f5e46874495cdd0cd27ff18f07b2aeb254ed144bf6d48afb80952c2963c4f8f50af9accab028353709f1d899

  • SSDEEP

    384:83f4/d85uXgS+1dHsH/pWkRdMcKSz9fMr9wCQAtXgP0x6+NqWMGtezRsvhy4j7gd:Yy85uXgJrC2Sz9adg8x6y/MZsvFkZd

Malware Config

Targets

    • ModiLoader, DBatLoader

      ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.

    • ModiLoader Second Stage

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive profile information.

MITRE ATT&CK Enterprise v15

Tasks