General
-
Target
JaffaCakes118_af1b5cbc4e6b3b3f3e68dcd0f2bf06b547a00ac2f2945751502f1c7a3de73a85
-
Size
556KB
-
Sample
241224-n946laxlfj
-
MD5
f3a55825f310cfae818e2edf7f214957
-
SHA1
ca76f00a2eae9888e3dff00054075c60626c068b
-
SHA256
af1b5cbc4e6b3b3f3e68dcd0f2bf06b547a00ac2f2945751502f1c7a3de73a85
-
SHA512
20588c35f13f826718de4e16d56752ec0ddabc7594d3c0dbcc99490df5d42a2834e0fccd3967e177bcf6630acc2c92451735348ec69c4330f2282b9a6eb22686
-
SSDEEP
12288:qBSqqw+Y/TRdSCGqls20IRqJOnkSO4ybAzWnkgajxzUxHTly6Q:qBSI+YXGAaSqJO3O/AdgayxHT9Q
Static task
static1
Behavioral task
behavioral1
Sample
Payment Confirmation NOV-85869983TGTTAS.scr
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
Payment Confirmation NOV-85869983TGTTAS.scr
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
Payment Confirmation NOV-85869983TGTTAS.scr
-
Size
1.1MB
-
MD5
a53ef40486536c8aab95779bd4eb79f4
-
SHA1
4035c5ae014e2237e12a8b8170129e5cd2297b91
-
SHA256
f7e3e71f6386c5399291e127994d04abd5634ae8723a32f96db525e9f2150b80
-
SHA512
87cd12aaa4bfbe50d79c2ee065ff3fe3eb6ed39591f7d6d3321ae01f1514598f65ffb499e863fae1bca9bd321c3979dcdb0922093bd1c9615ff427bfd9fcb324
-
SSDEEP
24576:62vEPGnGVd4g/sPAfcc6oHKmWz+kdVXd:tcg00c3HKRzX
Score10/10-
ModiLoader, DBatLoader
ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
-
Modiloader family
-
ModiLoader First Stage
-
Legitimate hosting services abused for malware hosting/C2
-