General

  • Target

    fb74ecaa1f9ae4aefd1cd2897cb37561_JaffaCakes118

  • Size

    2.4MB

  • Sample

    240928-eh8j9syckg

  • MD5

    fb74ecaa1f9ae4aefd1cd2897cb37561

  • SHA1

    9076413ec4638c3cfa27408469c5cf7e15981bbe

  • SHA256

    8ee96c1c7b83b8d24289ed12e999f996144348a50810ab8d24e62ce300f7419e

  • SHA512

    9cef3bda6366c3ad3255f5f9108ab142e546472963102d3228ce6ea8810f450af804f3c7e986541d0aeae3433f47abd2b4d5c7d4b38fc1aeda1e3f8a340a4ff6

  • SSDEEP

    49152:7EOS2b1QsWnXne0RPEic623zTQMWH77+ygSI/6hD79qJlUF:7E3OWXnJP+623/Qb7DgJ/6TqJq

Malware Config

Targets

    • ModiLoader, DBatLoader

      ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.

    • ModiLoader Second Stage

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Identifies Wine through registry keys

      Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.

    • Checks whether UAC is enabled

    • Suspicious use of NtSetInformationThreadHideFromDebugger

MITRE ATT&CK Enterprise v15

Tasks