General
-
Target
0272ebc769de3f4498d247d85d345279_JaffaCakes118
-
Size
721KB
-
Sample
240620-d44b1awfrc
-
MD5
0272ebc769de3f4498d247d85d345279
-
SHA1
650c9d36c8720b96e107261f7ef5a1a2f3c66a7f
-
SHA256
1ba8750656f938a2b5331f4661769bf717633622f7d34ab50579a744a76e6de1
-
SHA512
98c871fd9e91b5de629d969c7a7d59f2ede62f641cc5dbc3f1f5f0575a2cabb45a4a3e10e5c79a98af4b3bb062e2ed37bb4cb8dfe54b914268afa91b128eb6f7
-
SSDEEP
12288:WLSdMFGhORzQo66LiUTq0/wbJy9TzzLSV2uK5T2aG44bZH7s8l3f:WLSdRMGZB0Z7o2uY2w49pf
Malware Config
Targets
-
-
Target
0272ebc769de3f4498d247d85d345279_JaffaCakes118
-
Size
721KB
-
MD5
0272ebc769de3f4498d247d85d345279
-
SHA1
650c9d36c8720b96e107261f7ef5a1a2f3c66a7f
-
SHA256
1ba8750656f938a2b5331f4661769bf717633622f7d34ab50579a744a76e6de1
-
SHA512
98c871fd9e91b5de629d969c7a7d59f2ede62f641cc5dbc3f1f5f0575a2cabb45a4a3e10e5c79a98af4b3bb062e2ed37bb4cb8dfe54b914268afa91b128eb6f7
-
SSDEEP
12288:WLSdMFGhORzQo66LiUTq0/wbJy9TzzLSV2uK5T2aG44bZH7s8l3f:WLSdRMGZB0Z7o2uY2w49pf
Score10/10-
ModiLoader, DBatLoader
ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
-
ModiLoader Second Stage
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops autorun.inf file
Malware can abuse Windows Autorun to spread further via attached volumes.
-