General

  • Target

    82d8f19d1a4521e86922988eced2e240_JaffaCakes118

  • Size

    791KB

  • Sample

    241031-npgvkaxemc

  • MD5

    82d8f19d1a4521e86922988eced2e240

  • SHA1

    9d5728039b7444f048787e6c06b095af79d24ff8

  • SHA256

    70f265c0d8d925fc1a497e47eaa00cb96f0ec0207caf07633f87326e7604c476

  • SHA512

    06eaa34a24a9df9cd2ad800aa5a52588b247c6707fb40a6213b7aaf3f97745aabc2bdb5065c74158ae9480c5dd5f43c6c1a993e87e03fc70d51e250a7c3ac07a

  • SSDEEP

    24576:9bDtVhyrtEYq6pUj8XaHhwtkkIqTf9XnkA16o:7VMtEIyAKQIq1X6o

Targets

    • Target

      82d8f19d1a4521e86922988eced2e240_JaffaCakes118

    • ModiLoader, DBatLoader

      ModiLoader (also tracked as DBatLoader) is a Delphi-written loader that abuses legitimate cloud storage services to fetch and run other malware families.

    • ModiLoader family

    • ModiLoader Second Stage

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application
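
To make the three behaviour signatures above concrete, the following is an added triage example that is not part of the sandbox report or of any ModiLoader analysis tooling. It correlates Sysmon-style events (constructed here for illustration; the dropped-file names, paths and SID are assumptions, not observations from this run) to flag a process tree that executes a file it dropped, loads a DLL it dropped, and writes a Run value that starts a dropped file. The final, benign event shows that a Run value written outside the sample's process tree and pointing at no dropped file is not flagged.

```python
"""
Added triage example: reproduce the sandbox signatures "Executes dropped EXE",
"Loads dropped DLL" and "Adds Run key to start application" from Sysmon-style
events.  Event IDs follow Sysmon: 1 = ProcessCreate, 7 = ImageLoad,
11 = FileCreate, 13 = RegistryEvent (value set).  All events below are
constructed; file names, paths and the SID are assumptions for illustration.
"""
import re
from collections import defaultdict

SAMPLE = r"C:\Users\victim\AppData\Local\Temp\82d8f19d1a4521e86922988eced2e240_JaffaCakes118.exe"

# Constructed Sysmon-style events flattened to key=value pairs (quoted values
# may contain spaces).  Not real telemetry from the analysis run.
SAMPLE_EVENTS = [
    f'EventID=1 Image="{SAMPLE}" ParentImage="C:\\Windows\\explorer.exe"',
    f'EventID=11 Image="{SAMPLE}" TargetFilename="C:\\Users\\Public\\Libraries\\stage2.exe"',
    f'EventID=11 Image="{SAMPLE}" TargetFilename="C:\\Users\\Public\\Libraries\\helper.dll"',
    f'EventID=1 Image="C:\\Users\\Public\\Libraries\\stage2.exe" ParentImage="{SAMPLE}"',
    'EventID=7 Image="C:\\Users\\Public\\Libraries\\stage2.exe" ImageLoaded="C:\\Users\\Public\\Libraries\\helper.dll"',
    'EventID=7 Image="C:\\Users\\Public\\Libraries\\stage2.exe" ImageLoaded="C:\\Windows\\System32\\kernel32.dll"',
    'EventID=13 Image="C:\\Users\\Public\\Libraries\\stage2.exe" '
    'TargetObject="HKU\\S-1-5-21-1\\Software\\Microsoft\\Windows\\CurrentVersion\\Run\\stage2" '
    'Details="C:\\Users\\Public\\Libraries\\stage2.exe"',
    # Benign control: a Run value set by an unrelated installer from Program
    # Files, pointing at a file the sample never dropped.  Must not be flagged.
    'EventID=13 Image="C:\\Program Files\\Vendor\\setup.exe" '
    'TargetObject="HKU\\S-1-5-21-1\\Software\\Microsoft\\Windows\\CurrentVersion\\Run\\VendorAgent" '
    'Details="C:\\Program Files\\Vendor\\agent.exe"',
]

KV_RE = re.compile(r'(\w+)=("([^"]*)"|(\S+))')
RUN_KEY_RE = re.compile(r"\\CurrentVersion\\(Run|RunOnce)\\", re.IGNORECASE)


def parse_event(line):
    """Parse one key=value line into a dict; quoted values keep their spaces."""
    ev = {}
    for m in KV_RE.finditer(line):
        ev[m.group(1)] = m.group(3) if m.group(3) is not None else m.group(4)
    return ev


def norm(path):
    """Windows paths are case-insensitive, so compare them lower-cased."""
    return path.strip().lower()


def triage(lines, sample=SAMPLE):
    """Walk the events in order and collect the three dropper behaviours."""
    tree = {norm(sample)}          # sample plus every process it (transitively) spawned
    dropped = set()                # files created by a process in the tree
    findings = defaultdict(list)
    for ev in (parse_event(l) for l in lines):
        eid, image = ev.get("EventID"), norm(ev.get("Image", ""))
        if eid == "11" and image in tree and ev.get("TargetFilename"):
            dropped.add(norm(ev["TargetFilename"]))
        elif eid == "1":
            if norm(ev.get("ParentImage", "")) in tree:
                tree.add(image)
            if image in dropped:                      # "Executes dropped EXE"
                findings["executes_dropped_exe"].append(ev["Image"])
        elif eid == "7" and norm(ev.get("ImageLoaded", "")) in dropped:
            findings["loads_dropped_dll"].append(ev["ImageLoaded"])   # "Loads dropped DLL"
        elif eid == "13" and RUN_KEY_RE.search(ev.get("TargetObject", "")):
            details = norm(ev.get("Details", ""))
            # Flag a Run value written by the sample's tree, or one whose data
            # (possibly with arguments) references a dropped file.
            if image in tree or any(d in details for d in dropped):
                findings["adds_run_key"].append((ev["TargetObject"], ev["Details"]))
    findings["dropped_files"] = sorted(dropped)
    return dict(findings)


if __name__ == "__main__":
    for name, hits in triage(SAMPLE_EVENTS).items():
        print(f"{name}: {hits}")
```

The process tree is built from ParentImage relations rather than from a fixed process name, so a dropped second stage that drops and registers a third file is still attributed to the sample. Substring matching on the Run value data tolerates quoting and command-line arguments around the path.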

MITRE ATT&CK Enterprise v15
