General

  • Target

    81221f32bdc0e0f9d36037d033cb054b_JaffaCakes118

  • Size

    25KB

  • Sample

    241031-cg761axcpm

  • MD5

    81221f32bdc0e0f9d36037d033cb054b

  • SHA1

    c36d5c8f823d4f5e1b0273ff09db7edd3a9b93d3

  • SHA256

    5da8c67c1d6dfec9c7a550709e340a9cae141d8b2076d13c4927133de0965848

  • SHA512

    12031562058a22325abfbf2787926a067d9c5e6ac1377f2d5bbbe19ca8033b373df0959bffe53d43a7f2de2f01336d74cdb5308280aef5b594ca6d84c785d344

  • SSDEEP

    384:59mRSCF82EkoaoP6u1X5ekJ+ZETos1ZdKrQOR5zY4luupuQtoR63c:54RzS2r5oPv8KTnQzj8UJuxX

Malware Config

Targets

    • ModiLoader, DBatLoader

      ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.

    • Modiloader family

    • ModiLoader Second Stage

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks