General
-
Target
JaffaCakes118_26a466c14f61d76653351d93579c3e5fc080a89a9366737fdd8a94c651585b04
-
Size
445KB
-
Sample
241224-lsxzvavjfj
-
MD5
7ebbdef5af6618ee352c0da6e528e8d3
-
SHA1
05757db45d208e25c7703d0a3eaad3a119d238b7
-
SHA256
26a466c14f61d76653351d93579c3e5fc080a89a9366737fdd8a94c651585b04
-
SHA512
5921073167ffe447a45bf156484a1645d91c56047b12bde002f89de708bc3d15897383636c4ba652062fa02856c00b9c0f8d4e4943e3caa135a52e32c2ffe88e
-
SSDEEP
6144:hQ4a9fgDnQVvH+pZk2DgvdCOPo2d3TKGSIL1EU6u/HQa/rdQbYDspalXyd45hgo6:e4ggDnbpy26ZhKGSIqU6kxQIOaxNLsF
Static task
static1
Behavioral task
behavioral1
Sample
copia scansione slip.exe
Resource
win7-20241010-en
Behavioral task
behavioral2
Sample
copia scansione slip.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
modiloader
https://cdn.discordapp.com/attachments/751870937779011659/768357832487206942/Mqsyyyy
Targets
-
-
Target
copia scansione slip.bin
-
Size
1.0MB
-
MD5
d60b5172ece08495a237ee03bc04a53c
-
SHA1
d46891a8cf0e7c99508a25c9b8bf8bcd6b795634
-
SHA256
b2f388545f7efd0d368fdb41b7e424f3eb5336311cfa9cbdf2567464000c2c22
-
SHA512
219c11ca6991bdf7f1bd9c990d38f5d4987577a9fe2358152807d3ebf1469b3e871da0c15f2221829a14d0ca423eb033c40314dd7e6e1de2c34b1735f5a5e058
-
SSDEEP
12288:QhVKeF40BRicbRToD1whMmvlThTD3mG91gX2jU6v84fMsdF6sgDlO:QhU0RicG6b9T17mG9uX2N8DkF6pDo
Score10/10-
ModiLoader, DBatLoader
ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
-
Modiloader family
-
ModiLoader First Stage
-
Legitimate hosting services abused for malware hosting/C2
-