General
-
Target
edbfed40da9442ab67ba9e6844220f35_JaffaCakes118
-
Size
20KB
-
Sample
240920-rdnqhszfmf
-
MD5
edbfed40da9442ab67ba9e6844220f35
-
SHA1
5d9fb8a081d08b150f6e12d887fbc07af63c1981
-
SHA256
a18deb168d4be28ca55cf495163e863ea045e1d75a8ca71abdf935c01c26b776
-
SHA512
9c6b2e7382605895b383b0337f913195e19482a5359ba4da65d59fa96866edf073cf1311204cbfefc23552d0a25365bb2e9831152a6dad9bd1f3da451b9e2a14
-
SSDEEP
384:dnH9Q30L6/6F3pkBqsXK1NSLbR+1i6PHDLL9w/xPnzypQ:dnH2EL6CZa8P1QhciuH3pw/lnC
Malware Config
Targets
-
-
Target
edbfed40da9442ab67ba9e6844220f35_JaffaCakes118
-
Size
20KB
-
MD5
edbfed40da9442ab67ba9e6844220f35
-
SHA1
5d9fb8a081d08b150f6e12d887fbc07af63c1981
-
SHA256
a18deb168d4be28ca55cf495163e863ea045e1d75a8ca71abdf935c01c26b776
-
SHA512
9c6b2e7382605895b383b0337f913195e19482a5359ba4da65d59fa96866edf073cf1311204cbfefc23552d0a25365bb2e9831152a6dad9bd1f3da451b9e2a14
-
SSDEEP
384:dnH9Q30L6/6F3pkBqsXK1NSLbR+1i6PHDLL9w/xPnzypQ:dnH2EL6CZa8P1QhciuH3pw/lnC
Score10/10-
ModiLoader, DBatLoader
ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
-
ModiLoader Second Stage
-
Stops running service(s)
-
Deletes itself
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Network Share Discovery
Attempt to gather information on host network.
-
Suspicious use of SetThreadContext
-