General
-
Target
02aad632f8095328e80f69cc79df1077_JaffaCakes118
-
Size
192KB
-
Sample
240620-enz53sxgpc
-
MD5
02aad632f8095328e80f69cc79df1077
-
SHA1
cf5dead21aeb039864f14575162bb51126a53613
-
SHA256
9de352a177eaea275d925bbddd7bc0a1db5e5747883f3f26e9aa457868fe2771
-
SHA512
a837a832e39cb1b0d8bdef7818976eb83ba141c342cb3e34ed67d1017f358c18703c8d7481bc11a13d5dbe5ea5bbfa596f9a96e94dc814c047636ba6a0b1bccb
-
SSDEEP
3072:UcFl8P2TYmTqLGHjLw0hurBp8th35P1WBX4jDwWOX6UDV4ZMGBplNYK7L:Ucn8P2TY10wrsJPsBIXwWQBqMGBT3
Malware Config
Targets
-
-
Target
02aad632f8095328e80f69cc79df1077_JaffaCakes118
-
Size
192KB
-
MD5
02aad632f8095328e80f69cc79df1077
-
SHA1
cf5dead21aeb039864f14575162bb51126a53613
-
SHA256
9de352a177eaea275d925bbddd7bc0a1db5e5747883f3f26e9aa457868fe2771
-
SHA512
a837a832e39cb1b0d8bdef7818976eb83ba141c342cb3e34ed67d1017f358c18703c8d7481bc11a13d5dbe5ea5bbfa596f9a96e94dc814c047636ba6a0b1bccb
-
SSDEEP
3072:UcFl8P2TYmTqLGHjLw0hurBp8th35P1WBX4jDwWOX6UDV4ZMGBplNYK7L:Ucn8P2TY10wrsJPsBIXwWQBqMGBT3
Score10/10-
ModiLoader, DBatLoader
ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
-
ModiLoader Second Stage
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Drops file in System32 directory
-
Suspicious use of SetThreadContext
-