General
-
Target
d138fe8710cb562588c769b6f0d32251_JaffaCakes118
-
Size
177KB
-
Sample
240907-glt76axhqj
-
MD5
d138fe8710cb562588c769b6f0d32251
-
SHA1
a0d496b5b6684fb8a9629d7a4a101c35b14537e5
-
SHA256
5768c1e3134a86bda9f559a2f647e7b7c2dc963dd68f2ba1e876e5068e04d7e2
-
SHA512
b6b85791176cafbaff22a980efcf34365f04d11bf73226e58480775ede0a42c15c95b5d5c3dbc5377805e6dd12cc6141010e8b2fe645c072bea275591cc14642
-
SSDEEP
3072:7vgyolsHqOuGLyZGMb/3SmqJiqKGY0vzT27V88/Gmr4astwkUtTnL:L6aqOTLybb3SmqUE3gBG8fptTn
Malware Config
Targets
-
-
Target
d138fe8710cb562588c769b6f0d32251_JaffaCakes118
-
Size
177KB
-
MD5
d138fe8710cb562588c769b6f0d32251
-
SHA1
a0d496b5b6684fb8a9629d7a4a101c35b14537e5
-
SHA256
5768c1e3134a86bda9f559a2f647e7b7c2dc963dd68f2ba1e876e5068e04d7e2
-
SHA512
b6b85791176cafbaff22a980efcf34365f04d11bf73226e58480775ede0a42c15c95b5d5c3dbc5377805e6dd12cc6141010e8b2fe645c072bea275591cc14642
-
SSDEEP
3072:7vgyolsHqOuGLyZGMb/3SmqJiqKGY0vzT27V88/Gmr4astwkUtTnL:L6aqOTLybb3SmqUE3gBG8fptTn
Score10/10-
ModiLoader, DBatLoader
ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
-
ModiLoader Second Stage
-
Deletes itself
-
Executes dropped EXE
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Indicator Removal: File Deletion
Adversaries may delete files left behind by the actions of their intrusion activity.
-