General

  • Target

    JaffaCakes118_8d611e8f9615ccc5629292e10475121e3cd6598dfa30f7705315e8ca99e641a2

  • Size

    422KB

  • Sample

    241224-peczasxmdj

  • MD5

    fcf9f7fcd5c0914e6b25ae632882aecf

  • SHA1

    dc49638623525f97f6e0ed699ca8843875cd1dd2

  • SHA256

    8d611e8f9615ccc5629292e10475121e3cd6598dfa30f7705315e8ca99e641a2

  • SHA512

    f1acd58743ceb0272fb76f4f94f7862b8a30981886a66d5adac0f28948013f7fe7557103fcaf6f7e0a3fca9dc76c10200e5fe8e0a8598cb3dbd26f7f66019340

  • SSDEEP

    12288:SjitLHs6+ru66lTWaO7jQG7sKNPKUt4HHX2R8gjipqJ8ySEX:SWt43ruRJMXxSo6mR8gjniySG

Malware Config

Targets

    • Target

      JaffaCakes118_8d611e8f9615ccc5629292e10475121e3cd6598dfa30f7705315e8ca99e641a2

    • Size

      977KB

    • MD5

      e8055021bc8341f5a008c14ad2550890

    • SHA1

      90b08b9bde911152cc89475a0bed6acdbaa518a8

    • SHA256

      27d32b2af6392daaa9d08da8dec30cf109e82da5778ab1c7db87be3c8cc91502

    • SHA512

      c183bbdcccb0b9cd0e9fb31202dc1b1c9beaf2bc2edc150b9bfb219cceeb208a592b46a806293c6e22b35e1ac908666050d9352c63779a2f0bc0aeb5bf24125b

    • SSDEEP

      24576:KatTADYIErC0I2D3QauLMMQUtVSn52Ao:KtxnLy+Sn52A

    • ModiLoader, DBatLoader

      ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.

    • Modiloader family

    • ModiLoader Second Stage

    • Blocklisted process makes network request

MITRE ATT&CK Enterprise v15

Tasks