General
-
Target
d74227a8211ccd1a6b6581f1809e0697_JaffaCakes118
-
Size
24KB
-
Sample
240909-3bwh5avhkl
-
MD5
d74227a8211ccd1a6b6581f1809e0697
-
SHA1
a8aaf1df1e9b870b93cbea79aa3efe8622ddcaa1
-
SHA256
ee92973ac7a82fa137167b3419941d6a31e479a98529d92ee9cc87c605c96938
-
SHA512
d3d80ce695779f9d4bbc5aa84bdd467268f5327e035044e4a223cc1214a4d97ab890dd0e055f0d9ea2854374208a63ed10d29a29286b04454c9da3ad71b8e069
-
SSDEEP
384:V2XxZEVBj4AywxjoXMcJQQhpKw87S4FYqzgZwdCyi+Ju4UVOPUn4STF7:Va2nLBxUX2wf4FY2cV6u4UelKF
Malware Config
Targets
-
-
Target
d74227a8211ccd1a6b6581f1809e0697_JaffaCakes118
-
Size
24KB
-
MD5
d74227a8211ccd1a6b6581f1809e0697
-
SHA1
a8aaf1df1e9b870b93cbea79aa3efe8622ddcaa1
-
SHA256
ee92973ac7a82fa137167b3419941d6a31e479a98529d92ee9cc87c605c96938
-
SHA512
d3d80ce695779f9d4bbc5aa84bdd467268f5327e035044e4a223cc1214a4d97ab890dd0e055f0d9ea2854374208a63ed10d29a29286b04454c9da3ad71b8e069
-
SSDEEP
384:V2XxZEVBj4AywxjoXMcJQQhpKw87S4FYqzgZwdCyi+Ju4UVOPUn4STF7:Va2nLBxUX2wf4FY2cV6u4UelKF
Score10/10-
ModiLoader, DBatLoader
ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
-
ModiLoader Second Stage
-
Deletes itself
-
Executes dropped EXE
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Drops file in System32 directory
-