General
-
Target
003cff0b46b1494232b58775361eaf65_JaffaCakes118
-
Size
722KB
-
Sample
240930-jnprkayare
-
MD5
003cff0b46b1494232b58775361eaf65
-
SHA1
7ef624ec274c51a9fe203cd91c670d33c2b4a69d
-
SHA256
e608cd2c919f15124e55ddc4dcc7456fca38461d59987d3b5d77223eb9292b3e
-
SHA512
85bf2ea80759cbfb84be28c2e4f1470a4c381010e61866aaf0c8b50f32ba17fa1427168843494da8959ba4781fd6ec41321ce711cdc762d64cf999a956c004a5
-
SSDEEP
12288:jRBjhLRSanSMItoRpsyPxVbZAxOxNiq4tqbVIsyPxVbZAxOxNiq4t:3jhFSaSXoRFP3bZWWiq4tEUP3bZWWiqW
Malware Config
Targets
-
-
Target
003cff0b46b1494232b58775361eaf65_JaffaCakes118
-
Size
722KB
-
MD5
003cff0b46b1494232b58775361eaf65
-
SHA1
7ef624ec274c51a9fe203cd91c670d33c2b4a69d
-
SHA256
e608cd2c919f15124e55ddc4dcc7456fca38461d59987d3b5d77223eb9292b3e
-
SHA512
85bf2ea80759cbfb84be28c2e4f1470a4c381010e61866aaf0c8b50f32ba17fa1427168843494da8959ba4781fd6ec41321ce711cdc762d64cf999a956c004a5
-
SSDEEP
12288:jRBjhLRSanSMItoRpsyPxVbZAxOxNiq4tqbVIsyPxVbZAxOxNiq4t:3jhFSaSXoRFP3bZWWiq4tEUP3bZWWiqW
Score10/10-
ModiLoader, DBatLoader
ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
-
ModiLoader Second Stage
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-