General
- Target: 0b2dabf75bf1597f8a9eb74dde57c79d_JaffaCakes118
- Size: 18.9MB
- Sample: 240621-nqj2basajr
- MD5: 0b2dabf75bf1597f8a9eb74dde57c79d
- SHA1: d9e2783a837e9bd0f7959ee12a791c166b9299df
- SHA256: b56ab875008d084cfc439e8226af5ab21a8f552c94575bd6f48698e3e7caba7c
- SHA512: e4949a2cf915c60e32cb67dd1eb896b6e59489cf46f6dd2cf672612c7c8e6f4b991881734214606044c8f754b8e34d57401617c4a381536ef0cbf3b2b96f15d1
- SSDEEP: 393216:ae3baUZ348Rhgvo+LCgAxVRmUuoC3FLaLm744qyrkmlkoS6:T2UZ3lvgAv3uj3F2LmEkYmZS6
Behavioral tasks
- behavioral1: Sample MyManagerPro.exe, Resource win7-20240611-en
- behavioral2: Sample MyManagerPro.exe, Resource win10v2004-20240508-en
- behavioral3: Sample crack/MyManager.exe, Resource win7-20240220-en
- behavioral4: Sample crack/MyManager.exe, Resource win10v2004-20240226-en
Malware Config

Targets

Target: MyManagerPro.exe
- Size: 15.7MB
- MD5: a5a02823b145ca185b811f11d0be9663
- SHA1: 083deaff96d54b5608e2c6639e684921bdde0e00
- SHA256: 061ef4959e4e1ba1742166d180aaf5831fe352b09da7a5644f0f449db0873370
- SHA512: 67e36b70d4cf208070fde3a15b2016828d4396090e8658d6c9169c5fb7a4c8ea2a4da18446857f4bb5399cc9ebb2f748acb889065fb0ec1fa49d3d5cb909e17a
- SSDEEP: 393216:zfjFVZNQez6uURVF5HPEXahZCnedCEmsXhhOT89V5yf4mXmCdd2:rZ/ULHyah2T9sXiQPs4qbD2
- Score: 7/10
- Signatures:
  - Checks computer location settings: looks up the country code configured in the registry, likely a geofence.
  - Loads dropped DLL
  - Enumerates connected drives: attempts to read the root path of hard drives other than the default C: drive.

Target: crack/MyManager.exe
- Size: 13.4MB
- MD5: b88d19e9e1f2f8bea1b2cefea90ab073
- SHA1: d99d991e4555baf4a5aa0f7ea5c5ec6f82a3ad92
- SHA256: 3c420cb51b8cbd5e2a23dd2c8c2679c7d54f7b704ee64637affb797686b32ef8
- SHA512: b60c99aaad8563353f247d5e19d31876611b0a078d76f292d5cba6e608f7aa7dc6d94d90ee6dce549757d906b9b25d346b47f469451c51810b45a3021277b27e
- SSDEEP: 196608:/RZUsSfpvA0+F9s7+zrWIBhJrn6ySTTA:5ZUsSfVA0+Li+eKP2
- Score: 10/10
- Signatures:
  - ModiLoader, DBatLoader: ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
  - ModiLoader First Stage