General
-
Target
e3e3163e7e8d68f42829751e0951b4f2_JaffaCakes118
-
Size
164KB
-
Sample
240916-degrpswcrn
-
MD5
e3e3163e7e8d68f42829751e0951b4f2
-
SHA1
81b8fb473a246bd9d9de66842a9e31b061fba7e9
-
SHA256
935640857c1e605ff4f113f5f7a148bdf87c62fa658e19e390b143cd4fbc2abc
-
SHA512
bb05ab1a1a21f80ec3b878f4eb9a623dcb9b1020f9a4a77974c3d6062a268ffdadf2c9717493ff752fe90859f2b560b010f9d585ece433c0b607fc23191ae187
-
SSDEEP
3072:ydGJFdFokoP6t1HfGDDmelKUxxFECGeSTZ++7XEzTjQ:ydwfoCthamEePJpXEzTU
Malware Config
Targets
-
-
Target
e3e3163e7e8d68f42829751e0951b4f2_JaffaCakes118
-
Size
164KB
-
MD5
e3e3163e7e8d68f42829751e0951b4f2
-
SHA1
81b8fb473a246bd9d9de66842a9e31b061fba7e9
-
SHA256
935640857c1e605ff4f113f5f7a148bdf87c62fa658e19e390b143cd4fbc2abc
-
SHA512
bb05ab1a1a21f80ec3b878f4eb9a623dcb9b1020f9a4a77974c3d6062a268ffdadf2c9717493ff752fe90859f2b560b010f9d585ece433c0b607fc23191ae187
-
SSDEEP
3072:ydGJFdFokoP6t1HfGDDmelKUxxFECGeSTZ++7XEzTjQ:ydwfoCthamEePJpXEzTU
Score10/10-
ModiLoader, DBatLoader
ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
-
ModiLoader Second Stage
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-