General
Target: dbe98d360527108ef66bf272b591b718_JaffaCakes118
Size: 192KB
Sample: 240912-gc7rwstfkb
MD5: dbe98d360527108ef66bf272b591b718
SHA1: ecb3ebd3bfa7de835974272ec4f209ff181488d0
SHA256: a5dd188c808803f61d83e9598b5b313ceb4e39e38d2376af26ea423d4b6d42cf
SHA512: b90c754f731e611e236b4425f480cdcca30bbd1ceb928de9f8bef576f5b7881008c84cb1fe37169ff83bdc80fd879d35d07223aae62f42967f1e18f2a0b37f46
SSDEEP: 3072:IT31A4lEdbcgpP6kMdPmwjhRDpHQM2i4Fu14+f/beDs3Q6dOKEx5nzCcOfE:ITl5Edbc6LMdOMhppHQMp0um+HqDeoT
Static task: static1
Behavioral task: behavioral1
Sample: dbe98d360527108ef66bf272b591b718_JaffaCakes118.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: dbe98d360527108ef66bf272b591b718_JaffaCakes118.exe
Resource: win10v2004-20240802-en
Malware Config
Targets
Target
dbe98d360527108ef66bf272b591b718_JaffaCakes118
ModiLoader, DBatLoader
ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.

ModiLoader Second Stage

Boot or Logon Autostart Execution: Active Setup
Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.

Impair Defenses: Safe Mode Boot

Adds Run key to start application