General
-
Target
JaffaCakes118_18474dfac7776fa5b017b3e8ec8857aeea0be3f49340ee34fea5fc19a8fb5dc2
-
Size
441KB
-
Sample
241224-sjaarazqhq
-
MD5
706a23d53aedc4d844b9a6637d6ac298
-
SHA1
bad405bf77a2225fe131219bc5a1e1ac4c400bb0
-
SHA256
18474dfac7776fa5b017b3e8ec8857aeea0be3f49340ee34fea5fc19a8fb5dc2
-
SHA512
06fd3691e2c53d207eeba546cc0a312d00e8b52c7a4e9dadafbf86b731f5c98fa6d338971eb32fa6482e5dfb27a3715486299c6fc94a97af2cd933774d151d47
-
SSDEEP
12288:p2JPTmvVGmqge/7mVVM7wwan4+YI8ppZTvztp7EBVfKqDQnj:sBme/78u79+YISHvz/Mfxsnj
Static task
static1
Behavioral task
behavioral1
Sample
Inv26619,pdf.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
Inv26619,pdf.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
modiloader
https://cdn.discordapp.com/attachments/747123935576981508/770142837190033429/Tjwtaaa
Targets
-
-
Target
Inv26619,pdf.exe
-
Size
1.0MB
-
MD5
fd9e9a423b59e4e4261163b9cf69df3f
-
SHA1
280bc3a0c0f8ea0e9784830a4d85fa87549195f8
-
SHA256
f1721957f855e471c1ed489ed14a6ac5d74b532c3dee995ecc8e022a12102546
-
SHA512
42b71c54316a1c3ca908c18593161db1862faefbbfa69631008924319ea2c5d0f29e6252dfe78a357caf1f76516422dfbc876ced96d63b50c6eb31ce6b712dbe
-
SSDEEP
12288:nVCTeZF541To2ztd5/IEAHqDPD3PDQnA/g07SVllMweV+8YZqckawUNlY7RA5aR:nVCCa1Rzt0EAHqf36EFAKlujY/
Score10/10-
ModiLoader, DBatLoader
ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
-
Modiloader family
-
ModiLoader First Stage
-
Legitimate hosting services abused for malware hosting/C2
-