General
-
Target
844531f57300f0d444230036ba55cf05_JaffaCakes118
-
Size
472KB
-
Sample
241101-jksn2swrew
-
MD5
844531f57300f0d444230036ba55cf05
-
SHA1
54b6f6a52a643595bd0b4065205db5e58da83bd5
-
SHA256
b27d82a60bd7d773cc7ce4d1b3228665c0f827daee221e374996aea927829446
-
SHA512
81b2eccb123a0f11dee977e3b61647fa4de882d3524833ca1300d9436ebd72864313473efb980e32dca8c56448db9f6069e25b173bef1b213f88c53b41f2e78f
-
SSDEEP
12288:nL/5/2WdQ6F3Z4mxxt1InWdUgH5iJlOn0NEe:njNRQmXt1xzC3H
Malware Config
Targets
-
-
Target
844531f57300f0d444230036ba55cf05_JaffaCakes118
-
Size
472KB
-
MD5
844531f57300f0d444230036ba55cf05
-
SHA1
54b6f6a52a643595bd0b4065205db5e58da83bd5
-
SHA256
b27d82a60bd7d773cc7ce4d1b3228665c0f827daee221e374996aea927829446
-
SHA512
81b2eccb123a0f11dee977e3b61647fa4de882d3524833ca1300d9436ebd72864313473efb980e32dca8c56448db9f6069e25b173bef1b213f88c53b41f2e78f
-
SSDEEP
12288:nL/5/2WdQ6F3Z4mxxt1InWdUgH5iJlOn0NEe:njNRQmXt1xzC3H
Score10/10-
ModiLoader, DBatLoader
ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
-
Modiloader family
-
ModiLoader Second Stage
-
ASPack v2.12-2.42
Detects executables packed with ASPack v2.12-2.42
-
Deletes itself
-
Executes dropped EXE
-
Indicator Removal: File Deletion
Adversaries may delete files left behind by the actions of their intrusion activity.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-