General
-
Target
JaffaCakes118_0314165d358e7ec5345000bd372d362d
-
Size
720KB
-
Sample
250121-jmq81atlhj
-
MD5
0314165d358e7ec5345000bd372d362d
-
SHA1
8d8633c6b7b73825aaa833005e0e58b5e2a5d7df
-
SHA256
f92a7ef3552964bf4ecdacec1bd1868b6ec0627ec19f12e2d8d09df51e4df972
-
SHA512
a8db9864db7fd1c826e7de606519cc6b9a233f094faec41cc3eee678b8b1f25750af425068d3b1a22279b6ef03b5348052789a8ea7c4cd93ba293faaef74a5a9
-
SSDEEP
12288:dc//////t1F8gjXVAMSe68G5IBDvu8W/SAIyUWLd370kQ7/FAgvQXCdQHG8lgSTN:dc//////tvhjNY80JvUWL1oAgpQHG8ua
Malware Config
Targets
-
-
Target
JaffaCakes118_0314165d358e7ec5345000bd372d362d
-
Size
720KB
-
MD5
0314165d358e7ec5345000bd372d362d
-
SHA1
8d8633c6b7b73825aaa833005e0e58b5e2a5d7df
-
SHA256
f92a7ef3552964bf4ecdacec1bd1868b6ec0627ec19f12e2d8d09df51e4df972
-
SHA512
a8db9864db7fd1c826e7de606519cc6b9a233f094faec41cc3eee678b8b1f25750af425068d3b1a22279b6ef03b5348052789a8ea7c4cd93ba293faaef74a5a9
-
SSDEEP
12288:dc//////t1F8gjXVAMSe68G5IBDvu8W/SAIyUWLd370kQ7/FAgvQXCdQHG8lgSTN:dc//////tvhjNY80JvUWL1oAgpQHG8ua
Score10/10-
ModiLoader, DBatLoader
ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
-
Modiloader family
-
ModiLoader Second Stage
-
Drops file in System32 directory
-
Suspicious use of SetThreadContext
-