General
-
Target
d2abb9bfc24c04408b2b30f975b2e04d_JaffaCakes118
-
Size
683KB
-
Sample
240907-x5765ashrf
-
MD5
d2abb9bfc24c04408b2b30f975b2e04d
-
SHA1
65a94a615886ab4c29e2339983f4fe0dff0a6eda
-
SHA256
723c37d9264fb5328e0c266a919acbb165b13f31f4c973e3e5f2d6a693ebef64
-
SHA512
6730570439fb66d1af6497e3986b700f35e448f991056729a3464248646ca3c4a49ed61afcbc6b77a4a693ae7d5bfb28f81c0ce687dec95ba7b444bc8ff67016
-
SSDEEP
12288:qB59tGKgLueUklEEBgpybO+OPCXeF3Z4mxxz+hlMkN0J6Yy7hNtp/SJi:MOndEEBgp8O+OKXeQmXz+skNcl0Ss
Static task
static1
Behavioral task
behavioral1
Sample
d2abb9bfc24c04408b2b30f975b2e04d_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
d2abb9bfc24c04408b2b30f975b2e04d_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
d2abb9bfc24c04408b2b30f975b2e04d_JaffaCakes118
-
Score
10/10
-
ModiLoader, DBatLoader
ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
-
ModiLoader Second Stage
-
Deletes itself
-
Executes dropped EXE
-
Suspicious use of SetThreadContext
-