General
-
Target
f6ff63c883b0f9c982fcb87547a487a5_JaffaCakes118
-
Size
24KB
-
Sample
240925-2m4s7ssakm
-
MD5
f6ff63c883b0f9c982fcb87547a487a5
-
SHA1
97fca869ed8e639aac70144287797641b4dca588
-
SHA256
594fb1ec8c011c3a6fe225fc7137d8cb78e825d87a5ae3cb39109570ace6144c
-
SHA512
39c55d0212d32f92dc01c8792f0adcbf71af541bbe3d61273e89c1da03bc5943c0967a9a127058dab083ca7b05e71fb4cfc8e3d6ad1c4568575e4d7d571028a6
-
SSDEEP
384:PY4GOukRWwTmaGe0QcQ0FW48q/gUH4UHGzh8SHaxPFkKq8P6gy8GJ4lFwY93vYbr:g4tY6Ae0QcQ0Fnx/FmzlKCECZFulFwGU
Malware Config
Targets
-
-
Target
f6ff63c883b0f9c982fcb87547a487a5_JaffaCakes118
-
Size
24KB
-
MD5
f6ff63c883b0f9c982fcb87547a487a5
-
SHA1
97fca869ed8e639aac70144287797641b4dca588
-
SHA256
594fb1ec8c011c3a6fe225fc7137d8cb78e825d87a5ae3cb39109570ace6144c
-
SHA512
39c55d0212d32f92dc01c8792f0adcbf71af541bbe3d61273e89c1da03bc5943c0967a9a127058dab083ca7b05e71fb4cfc8e3d6ad1c4568575e4d7d571028a6
-
SSDEEP
384:PY4GOukRWwTmaGe0QcQ0FW48q/gUH4UHGzh8SHaxPFkKq8P6gy8GJ4lFwY93vYbr:g4tY6Ae0QcQ0Fnx/FmzlKCECZFulFwGU
Score10/10-
ModiLoader, DBatLoader
ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
-
ModiLoader Second Stage
-
Deletes itself
-
Executes dropped EXE
-
Drops file in System32 directory
-