General
-
Target
155089b9c9f1ff5b37c73638caeccee1_JaffaCakes118
-
Size
355KB
-
Sample
240505-bk3v1sda76
-
MD5
155089b9c9f1ff5b37c73638caeccee1
-
SHA1
ae7a7b7e6d6a61a7ade8c3f3fd1a4a1852e0ae8c
-
SHA256
2fb48a27bd1db3acd8a6c6c3c141423711977693aa729814e611d2076f13d81d
-
SHA512
0a8d30b44db951f2792a2169ec81910b180c5c8b70811be7221b7371035443752e69986c23f18de8f3b608f07f186c1737c19e5fe372a5b86229f8a8a36d38a2
-
SSDEEP
6144:eyHXzDVY9FKL5sWiPRRmsiRQr+cQoovZs/DSZXXrutwdInHCzAmMW50/Hv29Rd4:eyHXtYaVjU5UNO/mZLuKaHCzn8/P29RW
Static task
static1
Behavioral task
behavioral1
Sample
DHL STATEMENT OF ACCOUNT e COPY 0087965677555.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
DHL STATEMENT OF ACCOUNT e COPY 0087965677555.exe
Resource
win10v2004-20240419-en
Malware Config
Extracted
modiloader
https://cdn.discordapp.com/attachments/753549570230976536/755660991227887657/Qapjayi
Targets
Target
DHL STATEMENT OF ACCOUNT e COPY 0087965677555.exe
-
Size
881KB
-
MD5
c6371a959e9e74c78719e2bdd259b9c2
-
SHA1
6eb6fbe3541085ac113a160d6fabfd0990303dcb
-
SHA256
bb06b854327139dfb8b3ecacff60c3dc13dc485ee74eba0e71afe575299fc252
-
SHA512
e63889469acbc68d75eed22c57a112eb1bfbbe0113bccdb65bd827023ba6aa071d417e033304faa7785af4c4508c14d516a0b70c2146234ec4b56686c258918b
-
SSDEEP
12288:dZREX+Lzw1fVVPvIWbYzpcVp5csRbSA6E7xvWVL+doDfO7Q3:dnZw1tBjdp5c2bSO9vWVqQs0
Score
10/10
-
ModiLoader, DBatLoader
ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
-
ModiLoader First Stage
-