General

  • Target

    fb7d4863cb9246a5e7c21e291672624b_JaffaCakes118

  • Size

    455KB

  • Sample

    240928-exf4kawgrp

  • MD5

    fb7d4863cb9246a5e7c21e291672624b

  • SHA1

    0d1a323be95d2597ba9106ae547586209d9d71c3

  • SHA256

    a0782b2a67ed099d8855b16b78e5b4e5be2e5e0ba9bf3faf7f9615ad0d38b514

  • SHA512

    96649a17ccfdd99354bcd62caebec00ef01b8d71d1897164b91250796203acea68bbeac10f6ef437a59218a17fabd987f6a089841648fbfd20817e24c4d4f477

  • SSDEEP

    12288:G3cwv+upJgsv/uis5VUZ33KSaJbxAvc5jeYY5oS:GMuosv/PsrOwJVic5j7Y

Malware Config

Targets

    • Target

      fb7d4863cb9246a5e7c21e291672624b_JaffaCakes118

    • ModiLoader, DBatLoader

      ModiLoader (also tracked as DBatLoader) is a Delphi-based loader that abuses legitimate cloud services to host and download follow-on malware families.

    • ModiLoader Second Stage

    • Identifies Wine through registry keys

      Wine is a compatibility layer that runs Windows applications on other operating systems and is sometimes used as a lightweight sandboxing environment; probing for Wine-specific registry keys is a common analysis-evasion check.

    • Suspicious use of SetThreadContext

      SetThreadContext rewrites a thread's register state; injection techniques such as process hollowing use it to redirect the main thread of a suspended process to injected code before resuming it.

    • UPX packed file

      Detects executables packed with UPX, or with a modified build of the open-source UPX packer.
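
The signatures listed above can be reproduced as simple triage checks. The following is an added example, not code from this report or the sandbox vendor's rule set. It assumes a hypothetical JSON-lines API-call log format (one call per line, with the calling PID and arguments), that the Wine check looks for the `Software\Wine` key Wine creates under HKCU, that SetThreadContext injection shows up as the call order CreateProcess (CREATE_SUSPENDED) -> WriteProcessMemory -> SetThreadContext -> ResumeThread, and that a stock UPX build names its sections UPX0/UPX1. Both the log lines and the PE header are constructed inline so the block runs offline.

```python
"""Triage checks mirroring the sandbox signatures: Wine registry probe,
SetThreadContext-based injection, and UPX section names in a PE header.
Added example; the log format and sample data are constructed, not real."""
import json
import struct

# Constructed sandbox API log in a hypothetical JSON-lines format (assumption:
# no real sandbox emits exactly this shape). PID 1234 is the "suspicious" one.
SAMPLE_API_LOG = r"""
{"pid": 1234, "api": "RegOpenKeyExW", "args": {"hKey": "HKEY_CURRENT_USER", "lpSubKey": "Software\\Wine"}}
{"pid": 1234, "api": "CreateProcessW", "args": {"lpApplicationName": "C:\\Windows\\SysWOW64\\svchost.exe", "dwCreationFlags": 4}}
{"pid": 1234, "api": "WriteProcessMemory", "args": {"hProcess": 456, "lpBaseAddress": "0x400000", "nSize": 102400}}
{"pid": 1234, "api": "SetThreadContext", "args": {"hThread": 789}}
{"pid": 1234, "api": "ResumeThread", "args": {"hThread": 789}}
{"pid": 5678, "api": "RegOpenKeyExW", "args": {"hKey": "HKEY_LOCAL_MACHINE", "lpSubKey": "Software\\Microsoft\\Windows"}}
"""

CREATE_SUSPENDED = 0x00000004  # dwCreationFlags bit for CreateProcess
# Base API names (A/W suffix stripped) in the order process hollowing calls them.
INJECTION_SEQUENCE = ("CreateProcess", "WriteProcessMemory", "SetThreadContext", "ResumeThread")
UPX_SECTION_NAMES = {b"UPX0", b"UPX1", b"UPX2"}


def parse_api_log(text):
    """Decode one JSON object per non-empty line."""
    return [json.loads(line) for line in text.splitlines() if line.strip()]


def wine_registry_hits(events):
    """Return (pid, full key path) for every registry open of HKxx\\Software\\Wine."""
    hits = []
    for ev in events:
        if ev["api"].rstrip("AW") not in ("RegOpenKeyEx", "RegOpenKey", "RegQueryValueEx"):
            continue
        subkey = ev["args"].get("lpSubKey", "").lower().replace("/", "\\")
        if subkey == "software\\wine" or subkey.startswith("software\\wine\\"):
            hits.append((ev["pid"], ev["args"]["hKey"] + "\\" + ev["args"]["lpSubKey"]))
    return hits


def set_thread_context_injection(events):
    """Return PIDs whose call order matches: spawn a suspended process, write
    into it, repoint its thread with SetThreadContext, then resume it."""
    progress = {}   # pid -> index of the next expected API in INJECTION_SEQUENCE
    flagged = []
    for ev in events:
        pid, api = ev["pid"], ev["api"].rstrip("AW")
        step = progress.get(pid, 0)
        if api != INJECTION_SEQUENCE[step]:
            continue
        # The first step only counts if the child was created suspended.
        if step == 0 and not (ev["args"].get("dwCreationFlags", 0) & CREATE_SUSPENDED):
            continue
        step += 1
        if step == len(INJECTION_SEQUENCE):
            flagged.append(pid)
            step = 0
        progress[pid] = step
    return flagged


def pe_section_names(data):
    """Walk DOS header -> PE signature -> COFF header -> section table and
    return the 8-byte section names (NUL padding stripped)."""
    if data[:2] != b"MZ":
        raise ValueError("not an MZ file")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    coff = e_lfanew + 4
    num_sections = struct.unpack_from("<H", data, coff + 2)[0]
    size_opt = struct.unpack_from("<H", data, coff + 16)[0]
    table = coff + 20 + size_opt          # COFF header is 20 bytes, then optional header
    return [data[table + 40 * i: table + 40 * i + 8].rstrip(b"\0") for i in range(num_sections)]


def looks_upx_packed(data):
    """Heuristic only: a modified UPX build can rename its sections."""
    return any(name in UPX_SECTION_NAMES for name in pe_section_names(data))


def build_fake_pe(section_names):
    """Constructed minimal PE header (no code, empty optional header) for the example."""
    e_lfanew = 0x40
    dos = b"MZ" + b"\0" * (0x3C - 2) + struct.pack("<I", e_lfanew)
    coff = struct.pack("<HHIIIHH", 0x014C, len(section_names), 0, 0, 0, 0, 0x0102)
    sections = b"".join(name.ljust(8, b"\0") + b"\0" * 32 for name in section_names)
    return dos + b"PE\0\0" + coff + sections


if __name__ == "__main__":
    events = parse_api_log(SAMPLE_API_LOG)
    print("Wine registry probes:", wine_registry_hits(events))
    print("SetThreadContext injection by PID:", set_thread_context_injection(events))
    print("UPX-like sections:", looks_upx_packed(build_fake_pe([b"UPX0", b"UPX1", b".rsrc"])))
```

The UPX check is deliberately a heuristic: a modified UPX build (which the signature above explicitly covers) can rename its sections, so a production rule would also look at the entry-point stub or the `UPX!` marker rather than section names alone.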

MITRE ATT&CK Enterprise v15

Tasks
