General
Target: 00115d494aa5c8938625f8be6f360fb0_JaffaCakes118
Size: 250KB
Sample: 240930-hre6vs1fnm
MD5: 00115d494aa5c8938625f8be6f360fb0
SHA1: d823d7a935ba78e4e28403757092b20c163f553b
SHA256: a83188c0dc367efdf90a62023d1894a49e25462d600b939ba282432442d5a5da
SHA512: ee42b209095ee174750d812bcd2d9f3deae56b8e8d7082c75a7e6be952613c083ba761f5be68805c3dd937b9171088c83d663a7b7b788aa98eba5f7658852eb2
SSDEEP: 6144:f9vKmScOyAXdnunxJQNmYr4s/YsAQ/kQrBGsh:fPgyAXdn2nQNmLjsj/trBXh
Static task: static1
Behavioral task: behavioral1
Sample: 00115d494aa5c8938625f8be6f360fb0_JaffaCakes118.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: 00115d494aa5c8938625f8be6f360fb0_JaffaCakes118.exe
Resource: win10v2004-20240802-en
Malware Config
Targets
Target: 00115d494aa5c8938625f8be6f360fb0_JaffaCakes118
Detections and signatures
ModiLoader, DBatLoader: ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
ModiLoader Second Stage
Boot or Logon Autostart Execution: Active Setup: Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.
Impair Defenses: Safe Mode Boot
Adds Run key to start application