General
-
Target
e20be673c779693371329d7278b9dcf5_JaffaCakes118
-
Size
49KB
-
Sample
240915-j2y76athkj
-
MD5
e20be673c779693371329d7278b9dcf5
-
SHA1
bc2d40d138a8fa9c75994eca291e9f02e9fcde49
-
SHA256
b3b252002e374b300d425905213589f669702429da2ce1cfe530b53c9832bba7
-
SHA512
5fcdcacea547c336460f3a11003cdc3c3942b8754147c2e4c719b731897cd0c3ff809b84cf7491f24928889c33dec55181fd7bae4e4a2868479787dcd3cdfd95
-
SSDEEP
768:CiFKqnQefsPgy9YeLqdXM0rF37LK/9SLxgjKPqg7A41QaHmzgtuDyH8+:FwqnQUar9YeLolrZ7LzLzF7sbDs
Malware Config
Targets
-
-
Target
e20be673c779693371329d7278b9dcf5_JaffaCakes118
-
Size
49KB
-
MD5
e20be673c779693371329d7278b9dcf5
-
SHA1
bc2d40d138a8fa9c75994eca291e9f02e9fcde49
-
SHA256
b3b252002e374b300d425905213589f669702429da2ce1cfe530b53c9832bba7
-
SHA512
5fcdcacea547c336460f3a11003cdc3c3942b8754147c2e4c719b731897cd0c3ff809b84cf7491f24928889c33dec55181fd7bae4e4a2868479787dcd3cdfd95
-
SSDEEP
768:CiFKqnQefsPgy9YeLqdXM0rF37LK/9SLxgjKPqg7A41QaHmzgtuDyH8+:FwqnQUar9YeLolrZ7LzLzF7sbDs
Score10/10-
ModiLoader, DBatLoader
ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
-
ModiLoader Second Stage
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-
Suspicious use of SetThreadContext
-