General
Target: d4492f7022e72378f42cda98d2f5a7a6_JaffaCakes118
Size: 19KB
Sample: 240908-nw9txswgnf
MD5: d4492f7022e72378f42cda98d2f5a7a6
SHA1: 91a94e052c88284c313e54ae13378215640cf43e
SHA256: da6b9239b88d762b22470f7b9a9e27b85330b86398b83874955704b9e3ddbfa8
SHA512: 3792d7cffa24fedc8b276ab656af01c6748b992145c555050d829f221a9c0f97708f934cbf0a5da3538498eee1db729b39beab365cd986716a8152d6e83d04d8
SSDEEP: 384:IjTQDtQaAuBMgPDdYh2yEIEeY4xD9RIV8hQnWPqrJYQ:UIGaAuBMg7dYhlNu8RdhQC2B
Behavioral task: behavioral1
Sample: d4492f7022e72378f42cda98d2f5a7a6_JaffaCakes118.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: d4492f7022e72378f42cda98d2f5a7a6_JaffaCakes118.exe
Resource: win10v2004-20240802-en
Malware Config
Targets
Target: d4492f7022e72378f42cda98d2f5a7a6_JaffaCakes118
Score: 10/10
ModiLoader, DBatLoader
ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
ModiLoader Second Stage
Accesses Microsoft Outlook profiles
Suspicious use of SetThreadContext