General
-
Target
JaffaCakes118_0acfb5fa4930eef3bdae0409543759f5
-
Size
656KB
-
Sample
250122-gb4zls1kdv
-
MD5
0acfb5fa4930eef3bdae0409543759f5
-
SHA1
6bacc676e376aff10cad7681d9ff8cd927bca869
-
SHA256
d7042a68c14f2a0adf2db66cd2874c185506ad4d9000d24aaec02b20101026cb
-
SHA512
05b7a35ff7e99c4686b04d2b15f91026ec4e288f5bf2a26305b24f144612f34a50f453df3e545049ffe3fa5dab18d15b5ca37a3841f4526eff9109816efeabbb
-
SSDEEP
12288:swIy2lZsNtgGRg71xTph5G1rI9eVNZF3Z4mxxTDqVTVOCy:s3y2lZyavV5G189ePZQmX6VTzy
Malware Config
Targets
-
-
Target
JaffaCakes118_0acfb5fa4930eef3bdae0409543759f5
-
Size
656KB
-
MD5
0acfb5fa4930eef3bdae0409543759f5
-
SHA1
6bacc676e376aff10cad7681d9ff8cd927bca869
-
SHA256
d7042a68c14f2a0adf2db66cd2874c185506ad4d9000d24aaec02b20101026cb
-
SHA512
05b7a35ff7e99c4686b04d2b15f91026ec4e288f5bf2a26305b24f144612f34a50f453df3e545049ffe3fa5dab18d15b5ca37a3841f4526eff9109816efeabbb
-
SSDEEP
12288:swIy2lZsNtgGRg71xTph5G1rI9eVNZF3Z4mxxTDqVTVOCy:s3y2lZyavV5G189ePZQmX6VTzy
Score10/10-
ModiLoader, DBatLoader
ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
-
Modiloader family
-
ModiLoader Second Stage
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-