General
-
Target
ecfe2304b6c1de57791ac6f82c832cd3_JaffaCakes118
-
Size
582KB
-
Sample
240920-gxy1gssclg
-
MD5
ecfe2304b6c1de57791ac6f82c832cd3
-
SHA1
1a8d4278b3a87f08ef66e1d786343910a7e72484
-
SHA256
7773863c1d5e87cb96f710e1e4971127d0cabb7b0a77295a155949954f5da70c
-
SHA512
0fe68096bd1dca3fd85e0b809f07ef46cc5226898ec96cd0e3861726145d7feb02952312f0fa33aafc283ad323022c009659f5aa63313dddc2a4444f0afaad49
-
SSDEEP
12288:XsRAerkwxw4ymqyTuwF3Z4mxx74IxSo62jDrkAL:XsPkoiVyTuwQmX/sohk4
Malware Config
Targets
-
-
Target
ecfe2304b6c1de57791ac6f82c832cd3_JaffaCakes118
-
Size
582KB
-
MD5
ecfe2304b6c1de57791ac6f82c832cd3
-
SHA1
1a8d4278b3a87f08ef66e1d786343910a7e72484
-
SHA256
7773863c1d5e87cb96f710e1e4971127d0cabb7b0a77295a155949954f5da70c
-
SHA512
0fe68096bd1dca3fd85e0b809f07ef46cc5226898ec96cd0e3861726145d7feb02952312f0fa33aafc283ad323022c009659f5aa63313dddc2a4444f0afaad49
-
SSDEEP
12288:XsRAerkwxw4ymqyTuwF3Z4mxx74IxSo62jDrkAL:XsPkoiVyTuwQmX/sohk4
Score10/10-
ModiLoader, DBatLoader
ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
-
ModiLoader Second Stage
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-
Suspicious use of SetThreadContext
-