General

  • Target

    23319f28fae3ab690c0043eaad8b6a0e_JaffaCakes118

  • Size

    1.1MB

  • Sample

    240703-v1lq8azemq

  • MD5

    23319f28fae3ab690c0043eaad8b6a0e

  • SHA1

    a380a2ba83007fd0c91ccab92323525f6bf671fe

  • SHA256

    45825bd787fcfc85bb0065c7287b1efc901acebb842e5f3ae58acd37f32405da

  • SHA512

    0c4408bc3bd0c907c942802eea69ff124a7bb5a93d343ad90afba9b5fb781187d98fc984f25601b257435299bb8142c702c96dfe37d946474c610a5348f5df18

  • SSDEEP

    24576:M/KpgQm68YAnyRfFTMVVah9VSxycxMdc8CJKalR:M/NbYXRMVCVSxycxMdc8CJKaX

Score
10/10

Malware Config

Targets

    • ModiLoader, DBatLoader

      ModiLoader is a Delphi-based loader that abuses legitimate cloud services to download other malware families.

    • ModiLoader Second Stage

    • Checks computer location settings

      Looks up the country code configured in the registry, most likely as a geofence check.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with the UPX open-source packer or a modified UPX variant.

MITRE ATT&CK Enterprise v15

Tasks