General
-
Target
bdbe517806726bb32ecf86e5700b9b9f_JaffaCakes118
-
Size
281KB
-
Sample
241203-rfs31stqal
-
MD5
bdbe517806726bb32ecf86e5700b9b9f
-
SHA1
95575b36c9a2faf6bb674309833abac03ec3a684
-
SHA256
dc2356eba71c25608ad5873580b6cc0c135e6fc414952cba7da3a0d561134979
-
SHA512
f5d054be5ea290e6aed5583c4bda040b33a622b3649156006aaf7137eb9ea9b0e508a430cdc3a4372db9c4c43f29301cb4da9df587cf5ab3c3895241b2de185f
-
SSDEEP
6144:CiwYfxdWSi6ID86RalmkPKe7FHD7yisURnus9lrboSjw8Q8z:CLciSLIpzNe7FHDWYusn3wn8z
Malware Config
Targets
-
-
Target
bdbe517806726bb32ecf86e5700b9b9f_JaffaCakes118
-
Size
281KB
-
MD5
bdbe517806726bb32ecf86e5700b9b9f
-
SHA1
95575b36c9a2faf6bb674309833abac03ec3a684
-
SHA256
dc2356eba71c25608ad5873580b6cc0c135e6fc414952cba7da3a0d561134979
-
SHA512
f5d054be5ea290e6aed5583c4bda040b33a622b3649156006aaf7137eb9ea9b0e508a430cdc3a4372db9c4c43f29301cb4da9df587cf5ab3c3895241b2de185f
-
SSDEEP
6144:CiwYfxdWSi6ID86RalmkPKe7FHD7yisURnus9lrboSjw8Q8z:CLciSLIpzNe7FHDWYusn3wn8z
Score10/10-
ModiLoader, DBatLoader
ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
-
Modiloader family
-
ModiLoader Second Stage
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-
Suspicious use of SetThreadContext
-