General

  • Target

    edfdd0b6be91c72507506d6b3d0104b3_JaffaCakes118

  • Size

    450KB

  • Sample

    240920-t1tldswcqf

  • MD5

    edfdd0b6be91c72507506d6b3d0104b3

  • SHA1

    c6497ef72ac1d2c5b78c17d2d0920d33326a16ab

  • SHA256

    30dcf8d3f51c821d588176675d6e164f7661735b4bfa3d973c1f78900351348a

  • SHA512

    646a3f6e789bea7c423f1829d17d96cff2aadd662bcda803e41ba1d74cf02f19ba4598aea851b7b8e509a46e28031bc8780606c04e436c77fd0a95839dff7f0c

  • SSDEEP

    12288:FNySZOep1KOR0xbuuhdxqLG/EBfOApn56ojB:FNRZN17R0NuubxqUaDnRV

Malware Config

Targets

    • Target

      edfdd0b6be91c72507506d6b3d0104b3_JaffaCakes118

    • ModiLoader, DBatLoader

      ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.

    • ModiLoader Second Stage

    • ASPack v2.12-2.42

      Detects executables packed with ASPack v2.12-2.42

    • Executes dropped EXE

    • Loads dropped DLL

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Installs/modifies Browser Helper Object

      BHOs are DLL modules which act as plugins for Internet Explorer.

MITRE ATT&CK Enterprise v15

Tasks
