General
-
Target
e34cc310536ad0478ffe7a2a1b43845b_JaffaCakes118
-
Size
708KB
-
Sample
240915-zapsea1hkk
-
MD5
e34cc310536ad0478ffe7a2a1b43845b
-
SHA1
69fe0e6115a0d84083bf5b901e03787511101239
-
SHA256
d4962916fb84171fa9c67c12571e380af7d80dbeaf727f0797045d8ab2b0697c
-
SHA512
4814156062c423a79cba86db6d93e19d5cb2fa6253235235cba798f5b3b612d568524b45fc7b6a0c486a3fc4388598a6beeabe185bdb4d5899ce19c9553de1fc
-
SSDEEP
12288:0pmiRf08bkQeOA9zTuCVobQbmRvTnl6pKw9YC21vIkmAu69lnfvf:IRf0WbAhTFsvTluYvPmAu69lnH
Malware Config
Targets
-
-
Target
e34cc310536ad0478ffe7a2a1b43845b_JaffaCakes118
-
Size
708KB
-
MD5
e34cc310536ad0478ffe7a2a1b43845b
-
SHA1
69fe0e6115a0d84083bf5b901e03787511101239
-
SHA256
d4962916fb84171fa9c67c12571e380af7d80dbeaf727f0797045d8ab2b0697c
-
SHA512
4814156062c423a79cba86db6d93e19d5cb2fa6253235235cba798f5b3b612d568524b45fc7b6a0c486a3fc4388598a6beeabe185bdb4d5899ce19c9553de1fc
-
SSDEEP
12288:0pmiRf08bkQeOA9zTuCVobQbmRvTnl6pKw9YC21vIkmAu69lnfvf:IRf0WbAhTFsvTluYvPmAu69lnH
Score10/10-
ModiLoader, DBatLoader
ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
-
ModiLoader Second Stage
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-