General
Target: eb215c1b7213541ef498e2874f1eaa33_JaffaCakes118
Size: 20KB
Sample: 240919-mekysstbqe
MD5: eb215c1b7213541ef498e2874f1eaa33
SHA1: ba50bacad454b73be9997458a609c0b832eac55d
SHA256: 9d49f4fdf73902a86a8508afe378daf2e0f2927b436793dbd7065b898451b708
SHA512: 8c0304341e20d16f07ccb37df535bee7a6812b4d8f409fbdf0ceea6c9ff21bf4b3fbccb1c93c877c7e0eee4e23f188f878aa63651b4cf2df1183bf77ceb02cab
SSDEEP: 384:u45fLu0jm506J5rUyJ57I1k0hVRjSNAuuCf1IHOLDHE463KA:95fLu0jm506JlXJ57IfLjFgOHOLo/K
Behavioral task: behavioral1
Sample: eb215c1b7213541ef498e2874f1eaa33_JaffaCakes118.exe
Resource: win7-20240903-en

Behavioral task: behavioral2
Sample: eb215c1b7213541ef498e2874f1eaa33_JaffaCakes118.exe
Resource: win10v2004-20240802-en
Malware Config
Targets
Target: eb215c1b7213541ef498e2874f1eaa33_JaffaCakes118
Score: 10/10
Family: ModiLoader, DBatLoader
ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
- ModiLoader Second Stage
- Accesses Microsoft Outlook profiles
- Suspicious use of SetThreadContext