General
-
Target
924059ccbaea0e43561f2761bd035825_JaffaCakes118
-
Size
868KB
-
Sample
241124-ds69hs1pcw
-
MD5
924059ccbaea0e43561f2761bd035825
-
SHA1
57297e61762c5a144639f34fe3691fb316b49a57
-
SHA256
ce7e208280dbc88185d60d80f4bcc5c04e33086e5e3dcf8337445ddb90b9ffc3
-
SHA512
ad5c579a7e66ff9069b1e286f03dca50156f34907791a1947a46d885508991466c1c1b95a17559f427c408b668052ca63493b937159f5487c7eeea83bcd6287e
-
SSDEEP
12288:/byBPqujZRt6Iqw3mkWrVkHKJ3ED9uakrckc6GDiuKVg3Y6D/nJEh6:WBiuj8IerVkHK3ED9uakrckfG/nOh6
Malware Config
Targets
-
-
Target
924059ccbaea0e43561f2761bd035825_JaffaCakes118
-
Size
868KB
-
MD5
924059ccbaea0e43561f2761bd035825
-
SHA1
57297e61762c5a144639f34fe3691fb316b49a57
-
SHA256
ce7e208280dbc88185d60d80f4bcc5c04e33086e5e3dcf8337445ddb90b9ffc3
-
SHA512
ad5c579a7e66ff9069b1e286f03dca50156f34907791a1947a46d885508991466c1c1b95a17559f427c408b668052ca63493b937159f5487c7eeea83bcd6287e
-
SSDEEP
12288:/byBPqujZRt6Iqw3mkWrVkHKJ3ED9uakrckc6GDiuKVg3Y6D/nJEh6:WBiuj8IerVkHK3ED9uakrckfG/nOh6
Score10/10-
ModiLoader, DBatLoader
ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
-
Modiloader family
-
ModiLoader Second Stage
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops autorun.inf file
Malware can abuse Windows Autorun to spread further via attached volumes.
-