General

  • Target

    2cb8bc48981ddbbb523374029e8e8223_JaffaCakes118

  • Size

    148KB

  • Sample

    240708-rzsxcstejp

  • MD5

    2cb8bc48981ddbbb523374029e8e8223

  • SHA1

    989a8e73bec0aed08d25513f9a451eb96262d729

  • SHA256

    e5c73a722a91385af8c41a0392afb3f2fc5579bce66e850826113b1ea7c3515b

  • SHA512

    c86c926dddd5d23aa1df875be41166b3fea9de46f9320cc49487515848a9964d5145602a26ab08bcdd09014ed07c93d89d1b386a112e437a9bf2728945a79cf3

  • SSDEEP

    1536:YPCqYOQXiF+znUAquea0GQ6uePOsfXRqREIN5QpuEyuarCaVFaIeLUBw:TOGiQzn7vugmTJNuar38I8UBw
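Before examining a file that is supposed to be this sample, confirm it is the one the report describes. The script below is an added example, not part of the sandbox report: it embeds the MD5, SHA1, SHA256 and SHA512 values listed above and checks a local file against all four (the file path given on the command line is an assumption; the SSDEEP fuzzy hash is not recomputed because it needs the separate ssdeep library).

```python
# Added example (not part of the sandbox report): verify that a local file is the
# sample this report describes. Hash values are copied from the report; the
# command-line file path is a placeholder assumption.
import hashlib

REPORT_HASHES = {
    "md5": "2cb8bc48981ddbbb523374029e8e8223",
    "sha1": "989a8e73bec0aed08d25513f9a451eb96262d729",
    "sha256": "e5c73a722a91385af8c41a0392afb3f2fc5579bce66e850826113b1ea7c3515b",
    "sha512": "c86c926dddd5d23aa1df875be41166b3fea9de46f9320cc49487515848a9964d"
              "5145602a26ab08bcdd09014ed07c93d89d1b386a112e437a9bf2728945a79cf3",
}


def compute_hashes(data: bytes) -> dict:
    """Lowercase hex digests of `data` for every algorithm the report lists."""
    return {alg: hashlib.new(alg, data).hexdigest() for alg in REPORT_HASHES}


def verify_sample(data: bytes, expected: dict = REPORT_HASHES) -> dict:
    """Compare each digest of `data` with the expected set; returns {alg: bool}.

    Comparison is case-insensitive on the expected side because hashes are often
    pasted in mixed case. A partial match (e.g. only MD5 agrees) means a copy error
    or a different file and must be treated as a mismatch, not as 'close enough'.
    """
    actual = compute_hashes(data)
    return {alg: actual[alg] == expected[alg].lower() for alg in expected}


def is_reported_sample(data: bytes, expected: dict = REPORT_HASHES) -> bool:
    """True only when every listed digest matches."""
    return all(verify_sample(data, expected).values())


if __name__ == "__main__":
    import sys
    # Read the bytes only; never execute or open the sample with an associated app.
    with open(sys.argv[1], "rb") as f:
        blob = f.read()
    for alg, ok in verify_sample(blob).items():
        print(f"{alg:6} {'OK' if ok else 'MISMATCH'}")
    print(f"size   {len(blob)} bytes (report: 148KB)")
```

Run it as `python verify.py path/to/file` on a machine that treats the file as untrusted data. Any MISMATCH line means you are not looking at the sample this report analysed, whatever the filename says.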

Malware Config

Targets

    • Target

      2cb8bc48981ddbbb523374029e8e8223_JaffaCakes118

    • Size

      148KB

    • MD5

      2cb8bc48981ddbbb523374029e8e8223

    • SHA1

      989a8e73bec0aed08d25513f9a451eb96262d729

    • SHA256

      e5c73a722a91385af8c41a0392afb3f2fc5579bce66e850826113b1ea7c3515b

    • SHA512

      c86c926dddd5d23aa1df875be41166b3fea9de46f9320cc49487515848a9964d5145602a26ab08bcdd09014ed07c93d89d1b386a112e437a9bf2728945a79cf3

    • SSDEEP

      1536:YPCqYOQXiF+znUAquea0GQ6uePOsfXRqREIN5QpuEyuarCaVFaIeLUBw:TOGiQzn7vugmTJNuar38I8UBw

    • ModiLoader, DBatLoader

      ModiLoader (also tracked as DBatLoader) is a Delphi-based loader that abuses public cloud storage services to host and fetch its next-stage payloads, which belong to other malware families.

    • ModiLoader Second Stage

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers commonly read browser profile data, which can include saved credentials, cookies and session tokens.
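The three behavioural signatures above ("Executes dropped EXE", "Loads dropped DLL", "Reads user/profile data of web browsers") are each a simple rule over the process-monitor events the sandbox collects. The block below is an added example, not Triage's own signature code: a minimal re-implementation of those three rules run over a constructed log. The log format (`pid op path`), the PIDs, the paths and the browser-profile path markers are all invented for illustration.

```python
# Added example (not the sandbox's own signature engine): three of this report's
# behaviour signatures re-implemented as rules over a constructed process log.
# Log format, PIDs and paths are invented for illustration.
from collections import defaultdict
from dataclasses import dataclass

# Substrings that identify browser profile storage. Paths are compared after
# normalisation to forward slashes and lower case, so these are written that way.
BROWSER_PROFILE_MARKERS = (
    "/google/chrome/user data/",
    "/microsoft/edge/user data/",
    "/mozilla/firefox/profiles/",
)


@dataclass(frozen=True)
class Event:
    pid: int
    op: str    # file_write | process_create | image_load | file_read
    path: str


def norm(path: str) -> str:
    """Case- and separator-insensitive form used for every comparison."""
    return path.replace("\\", "/").lower()


def parse_log(text: str) -> list:
    """Parse 'pid op path' lines (path may contain spaces) into Event objects."""
    events = []
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        pid, op, path = line.split(None, 2)
        events.append(Event(int(pid), op, path))
    return events


def run_signatures(events: list) -> dict:
    """Return {signature name: [matching events]} for the three report signatures.

    'Dropped' means written to disk by any monitored process earlier in the log;
    a real sandbox attributes drops to the process tree, which this toy skips.
    """
    dropped = set()
    hits = defaultdict(list)
    for ev in events:
        p = norm(ev.path)
        if ev.op == "file_write":
            dropped.add(p)
        elif ev.op == "process_create" and p.endswith(".exe") and p in dropped:
            hits["Executes dropped EXE"].append(ev)
        elif ev.op == "image_load" and p.endswith(".dll") and p in dropped:
            hits["Loads dropped DLL"].append(ev)
        elif ev.op == "file_read" and any(m in p for m in BROWSER_PROFILE_MARKERS):
            hits["Reads user/profile data of web browsers"].append(ev)
    return dict(hits)


def triggered(events: list) -> list:
    """Names of the signatures that fired, in the order the report lists them."""
    hits = run_signatures(events)
    order = ("Executes dropped EXE", "Loads dropped DLL",
             "Reads user/profile data of web browsers")
    return [name for name in order if name in hits]


# Constructed log: PID 1234 is the sample; it drops and runs a second stage, which
# loads a dropped DLL and reads the Chrome and Firefox credential stores. The
# kernel32.dll load, the cmd.exe launch and the read of chrome.exe itself are
# benign noise that must not match.
SAMPLE_LOG = r"""
1234 file_write C:\Users\Admin\AppData\Local\Temp\stage2.exe
1234 process_create C:\Users\Admin\AppData\Local\Temp\stage2.exe
5678 file_write C:\Users\Admin\AppData\Roaming\helper.dll
5678 image_load C:\Users\Admin\AppData\Roaming\helper.dll
5678 image_load C:\Windows\System32\kernel32.dll
5678 process_create C:\Windows\System32\cmd.exe
5678 file_read C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Login Data
5678 file_read C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\abcd.default\logins.json
5678 file_read C:\Program Files\Google\Chrome\Application\chrome.exe
"""

if __name__ == "__main__":
    for name, evs in run_signatures(parse_log(SAMPLE_LOG)).items():
        print(name)
        for ev in evs:
            print(f"    pid={ev.pid} {ev.op} {ev.path}")
```

The browser rule is deliberately path-based: it fires on reads of the profile directory, not on reads of the browser's own binaries, which is why the `chrome.exe` line is ignored. The two "dropped" rules depend on ordering, since a file only counts as dropped once a write to it has been seen, so events must be fed in capture order.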

MITRE ATT&CK Enterprise v15

Tasks