General
-
Target
e6258d826a5e11ab09a7eb308932816d_JaffaCakes118
-
Size
146KB
-
Sample
240917-f73kzswhrb
-
MD5
e6258d826a5e11ab09a7eb308932816d
-
SHA1
de1a7a40607c2a2ef101a5837fb3f21d842be6b8
-
SHA256
a8e6a92415e8de7ca067a89345e46cb73191be754722cd11b07373d5288e3bda
-
SHA512
ab757c6a8be1a6b6c60e0e49d8858e51deaf8f901b677dfd35c6028b26bbb8bb0532a6f3e195038fcfa66420a417157b6f6bf8eb387dab675e31ff9ee3e7df47
-
SSDEEP
3072:htBbCGfx6ISbveWsYNFT/zyDHwy7wlvYLAGM27H83u0Z64WqQ:htBbCYWmW3/z4twlwLAGVHEuspWq
Malware Config
Targets
-
-
Target
e6258d826a5e11ab09a7eb308932816d_JaffaCakes118
-
Size
146KB
-
MD5
e6258d826a5e11ab09a7eb308932816d
-
SHA1
de1a7a40607c2a2ef101a5837fb3f21d842be6b8
-
SHA256
a8e6a92415e8de7ca067a89345e46cb73191be754722cd11b07373d5288e3bda
-
SHA512
ab757c6a8be1a6b6c60e0e49d8858e51deaf8f901b677dfd35c6028b26bbb8bb0532a6f3e195038fcfa66420a417157b6f6bf8eb387dab675e31ff9ee3e7df47
-
SSDEEP
3072:htBbCGfx6ISbveWsYNFT/zyDHwy7wlvYLAGM27H83u0Z64WqQ:htBbCYWmW3/z4twlwLAGVHEuspWq
Score10/10-
ModiLoader, DBatLoader
ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
-
ModiLoader Second Stage
-
Maps connected drives based on registry
Disk information is often read in order to detect sandboxing environments.
-
Suspicious use of SetThreadContext
-