General
-
Target
f4aa43923b95e9cdc31557418eac0223_JaffaCakes118
-
Size
17KB
-
Sample
240924-2znmrazgnq
-
MD5
f4aa43923b95e9cdc31557418eac0223
-
SHA1
074a1f07b97d749855d04e18896fe53f385fc327
-
SHA256
e5518bbcf4d59575ffb781137c18894237b5af88958e3ada9d536e93f915b07b
-
SHA512
cff36cb75304e71b3b75a3c2d5b471e5ede8bb362d3e4c05518569d4ea47d486b210bc67a7e787cfcca74896944a301739cc1b1ff0ce66fdf6fb972e799983c7
-
SSDEEP
384:nzw7o3yZzARXogiJ8J9Dh/kEQkBzTxpcVOOw:nyFAecSXATH
Malware Config
Targets
-
-
Target
f4aa43923b95e9cdc31557418eac0223_JaffaCakes118
-
Size
17KB
-
MD5
f4aa43923b95e9cdc31557418eac0223
-
SHA1
074a1f07b97d749855d04e18896fe53f385fc327
-
SHA256
e5518bbcf4d59575ffb781137c18894237b5af88958e3ada9d536e93f915b07b
-
SHA512
cff36cb75304e71b3b75a3c2d5b471e5ede8bb362d3e4c05518569d4ea47d486b210bc67a7e787cfcca74896944a301739cc1b1ff0ce66fdf6fb972e799983c7
-
SSDEEP
384:nzw7o3yZzARXogiJ8J9Dh/kEQkBzTxpcVOOw:nyFAecSXATH
Score10/10-
ModiLoader, DBatLoader
ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
-
ModiLoader Second Stage
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-