General
-
Target
d307a1199574211eba8219ba8edc668b_JaffaCakes118
-
Size
205KB
-
Sample
240907-26n7vs1amq
-
MD5
d307a1199574211eba8219ba8edc668b
-
SHA1
8c961a386a14b1a3eb973d786bd8f86edd02be62
-
SHA256
70f81d4ee36f0d7add81c32db784831289488547e3d47816b444db691b64235a
-
SHA512
fa22a9b22facefe8054fa9002b380295db629534fc0ddf24ed00237da895dea066dc9655a77f069c1cfc626ea736c4207d5d8d53f7e71fabcd88034ca75794b9
-
SSDEEP
3072:A4R2DCDngUWTZVDlntdjhc78HWIMLSWk65ql7g9RWoYtnc5VXtHL9+00Ld+n7Trb:vhkVh/Iut0j5V/0qPfg/Jan5t
Static task
static1
Behavioral task
behavioral1
Sample
d307a1199574211eba8219ba8edc668b_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
d307a1199574211eba8219ba8edc668b_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
Target
d307a1199574211eba8219ba8edc668b_JaffaCakes118
-
Score
10/10
-
ModiLoader, DBatLoader
ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
-
ModiLoader Second Stage
-
Suspicious use of SetThreadContext
-