General
-
Target
f79dfbc3b8a8f8b9fd83e46883702f87_JaffaCakes118
-
Size
605KB
-
Sample
240926-fmr9hssakb
-
MD5
f79dfbc3b8a8f8b9fd83e46883702f87
-
SHA1
05a6e85d01fa03ba78d592bb3c989a5ab1c0d21b
-
SHA256
64673f314e82337483b9fac8800a4ed11f8b05d70410d504c27a8d5406c0fea9
-
SHA512
bfea7d05105d6e2577665afd5a26f29d5dff53ff7d4e2b7e40debf39c0844070fc7b648648bd0645fbf2feb874979c778ebf89d8550ae2b4dc89d828ea707135
-
SSDEEP
12288:2rsWE6q36UnEFqHZtZbVp1VhbkSp3OeiHequ3GqXHnP3wNmz:24yUnn55bbkSp3Oeibu3GUHPwNmz
Malware Config
Targets
-
-
Target
f79dfbc3b8a8f8b9fd83e46883702f87_JaffaCakes118
-
Size
605KB
-
MD5
f79dfbc3b8a8f8b9fd83e46883702f87
-
SHA1
05a6e85d01fa03ba78d592bb3c989a5ab1c0d21b
-
SHA256
64673f314e82337483b9fac8800a4ed11f8b05d70410d504c27a8d5406c0fea9
-
SHA512
bfea7d05105d6e2577665afd5a26f29d5dff53ff7d4e2b7e40debf39c0844070fc7b648648bd0645fbf2feb874979c778ebf89d8550ae2b4dc89d828ea707135
-
SSDEEP
12288:2rsWE6q36UnEFqHZtZbVp1VhbkSp3OeiHequ3GqXHnP3wNmz:24yUnn55bbkSp3Oeibu3GUHPwNmz
Score10/10-
ModiLoader, DBatLoader
ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
-
ModiLoader Second Stage
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops autorun.inf file
Malware can abuse Windows Autorun to spread further via attached volumes.
-