General

  • Target

    JaffaCakes118_af1b5cbc4e6b3b3f3e68dcd0f2bf06b547a00ac2f2945751502f1c7a3de73a85

  • Size

    556KB

  • Sample

    241224-n946laxlfj

  • MD5

    f3a55825f310cfae818e2edf7f214957

  • SHA1

    ca76f00a2eae9888e3dff00054075c60626c068b

  • SHA256

    af1b5cbc4e6b3b3f3e68dcd0f2bf06b547a00ac2f2945751502f1c7a3de73a85

  • SHA512

    20588c35f13f826718de4e16d56752ec0ddabc7594d3c0dbcc99490df5d42a2834e0fccd3967e177bcf6630acc2c92451735348ec69c4330f2282b9a6eb22686

  • SSDEEP

    12288:qBSqqw+Y/TRdSCGqls20IRqJOnkSO4ybAzWnkgajxzUxHTly6Q:qBSI+YXGAaSqJO3O/AdgayxHT9Q

Malware Config

Targets

    • Target

      Payment Confirmation NOV-85869983TGTTAS.scr

    • Size

      1.1MB

    • MD5

      a53ef40486536c8aab95779bd4eb79f4

    • SHA1

      4035c5ae014e2237e12a8b8170129e5cd2297b91

    • SHA256

      f7e3e71f6386c5399291e127994d04abd5634ae8723a32f96db525e9f2150b80

    • SHA512

      87cd12aaa4bfbe50d79c2ee065ff3fe3eb6ed39591f7d6d3321ae01f1514598f65ffb499e863fae1bca9bd321c3979dcdb0922093bd1c9615ff427bfd9fcb324

    • SSDEEP

      24576:62vEPGnGVd4g/sPAfcc6oHKmWz+kdVXd:tcg00c3HKRzX

    • ModiLoader, DBatLoader

      ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.

    • Modiloader family

    • ModiLoader First Stage

    • Legitimate hosting services abused for malware hosting/C2

MITRE ATT&CK Enterprise v15

Tasks