General
Target: f0929f96f2d3478be3e84b2d1b5bbe16_JaffaCakes118
Size: 452KB
Sample: 240921-zghyfasekd
MD5: f0929f96f2d3478be3e84b2d1b5bbe16
SHA1: faba3eb66328143b62908cbb2db094c9b2882e97
SHA256: b6fe3cb20b1d9eef46af50d0389421c5d6078153b81b4ce243868cdc86f3de78
SHA512: 8ddb28388a42ce8af37a8d8f0d5f8f9e91fb7d7a3263b6ea22a8bdb81f6ea65bd561f68f4021b85f78661c61d1371a6359fa6a9791471a308fcfdad4e1b57bf4
SSDEEP: 12288:LSbmq1LtqYshtlT/yirkBP8odq9u33muvF9xoS0:LSxPqYo/ryiABPx4umC9I
Behavioral task: behavioral1
Sample: f0929f96f2d3478be3e84b2d1b5bbe16_JaffaCakes118.exe
Resource: win7-20240903-en
Malware Config
Targets
Target: f0929f96f2d3478be3e84b2d1b5bbe16_JaffaCakes118
Score: 10/10

Signatures:
ModiLoader, DBatLoader
ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.

ModiLoader Second Stage

Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.

Suspicious use of SetThreadContext