General
-
Target
JaffaCakes118_0052736572d7fda392ee10163208ade6
-
Size
2.0MB
-
Sample
250120-18vxraslew
-
MD5
0052736572d7fda392ee10163208ade6
-
SHA1
8e293b8fb835f147b9c26593203070d0120c41d2
-
SHA256
80b3e72e4afc7b991d75c4856b3dda29af7e40c89359e7b785313433370af74f
-
SHA512
1f9bf6d13796a9b07f6db6720a982f1a7b0457665709d1439bb8e954c584327fa9862f99a7c1d7db526be3d6041bc8d2cc124454ec01381f125557b75c6bcdde
-
SSDEEP
49152:gTqpChd62wwRSzHn8nv3Io8PU/F/9MMMMMMMMMMMMMMMMMMMsXrIqOLQ:KmS+H8nv3IjGFMMMMMMMMMMMMMMMMMMr
Malware Config
Targets
-
-
Target
JaffaCakes118_0052736572d7fda392ee10163208ade6
-
Size
2.0MB
-
MD5
0052736572d7fda392ee10163208ade6
-
SHA1
8e293b8fb835f147b9c26593203070d0120c41d2
-
SHA256
80b3e72e4afc7b991d75c4856b3dda29af7e40c89359e7b785313433370af74f
-
SHA512
1f9bf6d13796a9b07f6db6720a982f1a7b0457665709d1439bb8e954c584327fa9862f99a7c1d7db526be3d6041bc8d2cc124454ec01381f125557b75c6bcdde
-
SSDEEP
49152:gTqpChd62wwRSzHn8nv3Io8PU/F/9MMMMMMMMMMMMMMMMMMMsXrIqOLQ:KmS+H8nv3IjGFMMMMMMMMMMMMMMMMMMr
Score10/10-
ModiLoader, DBatLoader
ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
-
Modiloader family
-
ModiLoader Second Stage
-
Executes dropped EXE
-
Loads dropped DLL
-
Themida packer
Detects Themida, an advanced Windows software protection system.
-
Checks whether UAC is enabled
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-