General
Target: 910e58b9696ce177c75b1d35ff20dbdc_JaffaCakes118
Size: 95KB
Sample: 240603-jzl5taaa33
MD5: 910e58b9696ce177c75b1d35ff20dbdc
SHA1: 60d85f0e651c33718b518502b121090836cd8a90
SHA256: 52d78a633fe824a93eb065a58ac14fcbf5398c5e9e944a66df24fd0ea543263d
SHA512: 18ac3954f0c66f139a547b0547e58e0c4dfe3c86caed44d4979095444e030d74e23fd259b05301ae2e004805bd328edcbbca7356baa5dc30c9a9d333c4c3e84d
SSDEEP: 1536:CC2qEQug2dM0EidaZjImaIM9iO8d12qQ46H39NXoyL/alYsTEu6non71/U89:C7bxd/eIfv9P8d12qQXN9oyL/alJTEp6
Behavioral task: behavioral1
Sample: 910e58b9696ce177c75b1d35ff20dbdc_JaffaCakes118.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 910e58b9696ce177c75b1d35ff20dbdc_JaffaCakes118.exe
Resource: win10v2004-20240508-en
Malware Config
Targets
Target: 910e58b9696ce177c75b1d35ff20dbdc_JaffaCakes118
Score: 10/10
ModiLoader, DBatLoader
ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
ModiLoader Second Stage
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
Executes dropped EXE
Loads dropped DLL