General
-
Target
e3dae2149dea5d6f407c2a4f12dee51b_JaffaCakes118
-
Size
163KB
-
Sample
240916-c25xdavejb
-
MD5
e3dae2149dea5d6f407c2a4f12dee51b
-
SHA1
eafbc775590ad460e5b043a292a0ed48f764d56c
-
SHA256
6af8a47502588722cc80bf6b0d2c4eb8811915c40c69ac06cc0bd24a5babfba6
-
SHA512
3adccf7dbff5f86540aba449088df5ba6141616ea114dd555048820ea0b07031df9e200e41031c28b68a2b96ac21e69e3e7ae6c2e6daf704643d651b3e1604d0
-
SSDEEP
3072:/1sxX+cRUfz9KD4hHy+bq4WkcSl20ufBy+izi6u3FNRWz9Skk9e0bNGoYnk6kLLa:NsxXdRUEkhNq4AS00e0+0i6q8EegGoif
Malware Config
Targets
-
-
Target
ИНСТАЛЛЕР.exe
-
Size
397KB
-
MD5
8fce59702c478b19fc5ace3e8068a3fd
-
SHA1
f9be1f30becef052db04a2e206936244970dbde4
-
SHA256
dbfb9bb4be155c672ba77c5a286a6ed56f0270b425f02e1dbeb6b1633bdbf770
-
SHA512
12555c371e6c84b115461c2ced003f8c52e28099f74143cef6c246be13f01dbeb009ee059e5119aef7f16ff80066346cb9770d5139c73307b4d3a7814580d732
-
SSDEEP
6144:cLy84u9nSO2GjZkD10BIY3rb1YfBdfpoZ3u/Ht52w6JSeiFPXVbP:I+u9nx2GjMY3XKfd/H/9PFP
Score10/10-
ModiLoader, DBatLoader
ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
-
ModiLoader Second Stage
-
Impair Defenses: Safe Mode Boot
-
Adds Run key to start application
-