General
-
Target
JaffaCakes118_0f65469247c893137885b37f49118cea
-
Size
338KB
-
Sample
250122-tx4xyswlbj
-
MD5
0f65469247c893137885b37f49118cea
-
SHA1
30cd2f989e620a5af45d256d497acc5a944c0153
-
SHA256
9a1206b183d83d5a660f38c1cddfdac17e0b6d0e7a0b08e0f8c9c404b008118d
-
SHA512
6113873cc617e45290b6325d4257a79dfc2f8ac7fb3603186f0312836f9198889e0a5b8e0243bbb58213109101e453ebee496a212479b9b86e697e29bc18c66d
-
SSDEEP
6144:bT78U/SD0DHymIoUeHR+W7ROJyS1u8+2LS4DuyimUHHChs8uS6ERR5:b/I+SRKON1uCLS4iyizHV8AERR
Behavioral task
behavioral1
Sample
JaffaCakes118_0f65469247c893137885b37f49118cea.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
JaffaCakes118_0f65469247c893137885b37f49118cea.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
JaffaCakes118_0f65469247c893137885b37f49118cea
-
Score
10/10
-
ModiLoader, DBatLoader
ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
-
Modiloader family
-
ModiLoader Second Stage
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
Suspicious use of SetThreadContext
-