General

  • Target

    JaffaCakes118_b95a5fbeaac1f2c98f9a0422416a8c087d43586dc2098d97dc3c44b02b5eaf0a

  • Size

    428KB

  • Sample

    241224-yb2mxsvqdk

  • MD5

    1e85e3c1f61f208aa200897a0e0c11a0

  • SHA1

    7569e12a398f26cfbc8a2eacb59c796dba2a8b2a

  • SHA256

    b95a5fbeaac1f2c98f9a0422416a8c087d43586dc2098d97dc3c44b02b5eaf0a

  • SHA512

    013460420b117e42895ecfc5be29e9a71c9b47c4f1b9c005a39207baa972cc9e7b34ccd8d1afee4052c482d95084f8a12eee2bd71abf8464f0d32466a559a996

  • SSDEEP

    12288:zLwFjpDaBghSvMk2mLmVmK7mEab+QnxITiXiJY:EaBgIvV2CK74b+WxImj

Malware Config

Targets

    • Target

      Transfer From Bank N° 7717.exe

    • Size

      1.0MB

    • MD5

      b1f8e177f8d9edf29e20b959a7a2490c

    • SHA1

      7fa46bda8e11b6b1ac164f3b5e4571ac0375f325

    • SHA256

      579480643bd1596cf45efe7a5cf060bb5d35947067a3e115c16b39b29fe47b0e

    • SHA512

      1c740838a20b77ebdec7188060ffba980702ff4de73f79d8f257fb98d27a8b62edb3e788a9c3cdd8496c8cf3d889094032f2097a39988ed9de04be5a6c3d6740

    • SSDEEP

      24576:b1BLam+mNN6U2Q/RvlNGmGeD95MPszaWpWPgE9d8:b1+42WVMkzLpWPgp

    • ModiLoader, DBatLoader

      ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.

    • ModiLoader family

    • ModiLoader First Stage

    • Legitimate hosting services abused for malware hosting/C2

MITRE ATT&CK Enterprise v15

Tasks