General

Target: 1abbb6cb6985c8dce875dc21b7d40c5e_JaffaCakes118
Size: 411KB
Sample: 240701-k8mclswgqq
MD5: 1abbb6cb6985c8dce875dc21b7d40c5e
SHA1: abeb048fe91c6e032a88b87aa82da2bbb1955237
SHA256: 26baa4252ae3a62bb4eb2fa35c777637bdc15cc660b40ddc99eac73edc811956
SHA512: f8ec276beb3af41255fb73e803db70af69cf466ad2963a15dad59eefa930694f941afdca7ef03c40c62e7d8110a3e46df640d771431c64e435edb30f4f60bede
SSDEEP: 6144:uZ5Thwqalk7grZqE9WRY/HXiKMm5Z96z/Tfs7A9lcFuos8NnhJWmseb612cl9a:yJ7alkMrZqEJi9oQ8icFt7hJWRDQ
Behavioral tasks

behavioral1: 403518179/TEXT2HTML13/UConvertClass.js (resource: win7-20240611-en)
behavioral2: 403518179/TEXT2HTML13/UConvertClass.js (resource: win10v2004-20240611-en)
behavioral3: 403518179/TEXT2HTML13/text2html.exe (resource: win7-20240220-en)
behavioral4: 403518179/TEXT2HTML13/text2html.exe (resource: win10v2004-20240611-en)
behavioral5: 403518179/flashget1.exe (resource: win7-20240508-en)
behavioral6: 403518179/flashget1.exe (resource: win10v2004-20240508-en)
Malware Config

Targets

Target: 403518179/TEXT2HTML13/UConvertClass.pas
Size: 24KB
MD5: 833a979bd7369a5f85b2cc93ae402d2e
SHA1: 37c0630f4009dad9b5590b4206c7bc936413eb05
SHA256: baab79150642f90f837b3230f8cb0f56515e939aa333b838ff92e3a3dcb28b63
SHA512: e384d75d06c794e3da61071694db7e506a077f10f5a5bde7761c37c4efc77ace528c6c5d5634e7a8ced42b88df5c770dd9ecdd1ad1c379a6bf962a4f3fca0e6f
SSDEEP: 384:qGQwSA7IA0wG5O11eFfYKeaIhwgGEKVo6BVhp5Xt:qGgA0X8EfYKvIhw+KTVhp5Xt
Score: 3/10

Target: 403518179/TEXT2HTML13/text2html.exe
Size: 295KB
MD5: 7df17e6f492e779e8b73e04069f06a77
SHA1: 2da8d96d604d72ba27c64cd0c5b1dca6fb359a97
SHA256: 32410ff3e7b6f2e206aff674135ea3d5b703b4b1be25c78e7c0595c468d27bd2
SHA512: 94e51905a30b816695a1930d3190cbcf4818023aa99392908d619460d7dd36d518f2433b46d79883a112a1445d98725cecddf40aebca5ba9e4819d237f552e70
SSDEEP: 6144:wl4MI7sUKhMsMHcJQcH7tyytkWIrEBf4eMSB+I0Bs3uJ:8UKGs0+DHMBWIa4aBH0BseJ
Score: 10/10
ModiLoader, DBatLoader
ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
- ModiLoader First Stage

Target: 403518179/flashget1.exe
Size: 49KB
MD5: 6c09ec31b87e8c4c37a571de86cefebb
SHA1: 12dbce9f388162a27de2bc757863eac1cc3f3d6b
SHA256: 92449ef542dd41fc40c8c9de928588f590694f16e271a18a17d2c5d7c70faed9
SHA512: 1a793f975db781544976ee4c236c49a82138824da48e57957b163697e20fab5ba8d1fc79864864451a02a9dc3e4439ca499ff01d603e6fe13bfe7a2938e1d543
SSDEEP: 1536:0kh1tUlXu37pA828Nz9uNizpDuD4x/AYxJ:rh1alXu3DF9lzpn/Am
Score: 7/10
- Executes dropped EXE
- Drops file in System32 directory