General
-
Target
ef0cc050a4bb534b590bf366b213b0b1_JaffaCakes118
-
Size
923KB
-
Sample
240921-evt8eavbnb
-
MD5
ef0cc050a4bb534b590bf366b213b0b1
-
SHA1
513221bcfccef24c904618d600e229cfa665d851
-
SHA256
9e243af60556646f26d81f027b8931b231baf418482e92ca038d94f99cc82e07
-
SHA512
92f739cbc6af24ffaf7a11b9716d7a4e0bafa4492b1861dd20ff2cd3a93b31eaf026043c1810cade567cf1d8281dc4a6aebd3f29ce8770849a2af31215798883
-
SSDEEP
24576:e9PRKpBETOeFuTk/x1gnpyt+4sd5ifS0yfz:e1RyOuAItu0z
Malware Config
Targets
-
-
Target
ef0cc050a4bb534b590bf366b213b0b1_JaffaCakes118
-
Size
923KB
-
MD5
ef0cc050a4bb534b590bf366b213b0b1
-
SHA1
513221bcfccef24c904618d600e229cfa665d851
-
SHA256
9e243af60556646f26d81f027b8931b231baf418482e92ca038d94f99cc82e07
-
SHA512
92f739cbc6af24ffaf7a11b9716d7a4e0bafa4492b1861dd20ff2cd3a93b31eaf026043c1810cade567cf1d8281dc4a6aebd3f29ce8770849a2af31215798883
-
SSDEEP
24576:e9PRKpBETOeFuTk/x1gnpyt+4sd5ifS0yfz:e1RyOuAItu0z
Score10/10-
ModiLoader, DBatLoader
ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
-
ModiLoader Second Stage
-
Drops file in System32 directory
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-