General
Target: JaffaCakes118_c43dd7f46e3c4075ac8a67b0d7be195c
Size: 1.4MB
Sample: 250119-lrag6aspft
MD5: c43dd7f46e3c4075ac8a67b0d7be195c
SHA1: 7ee260d0915443e139875a3331e6910e6dfcf56f
SHA256: 1a2a8d671acb9a38e331ff5cfccbfc2f376bbc40cd6f583d8242ec0fdf5ff7b4
SHA512: c05d72ae0ce2c0810ae9c29282eaa4f836f483c62dc6aaec37f1d7b59ac35d553545f65a62d54aa6ad85e412e4610bb7c399d6e9811033e27d8b57a6339c4495
SSDEEP: 24576:PJJ/iFvWFbo+iAoVFw20jwPJ4ZsBIJnQ6Uk6cXa8m5pKrF3v+7BqEmZWA:PzsWFb2wxjwP2JnxLm5pKJ00ZW
Static task: static1
Behavioral task: behavioral1
Sample: JaffaCakes118_c43dd7f46e3c4075ac8a67b0d7be195c.exe
Resource: win7-20241010-en
Behavioral task: behavioral2
Sample: JaffaCakes118_c43dd7f46e3c4075ac8a67b0d7be195c.exe
Resource: win10v2004-20241007-en
Malware Config
Targets
Target: JaffaCakes118_c43dd7f46e3c4075ac8a67b0d7be195c
Score: 10/10
ModiLoader, DBatLoader
ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
Modiloader family
ModiLoader Second Stage
Drops file in System32 directory
Suspicious use of SetThreadContext