General
Target
PO#4500139207.xz
Size
527KB
Sample
201207-kxgv8l8h4j
MD5
e5dec8ee8bbb51814ec4431f207a7b07
SHA1
02cb3ac0aa6eea11858ba71d488efa57d50a25a6
SHA256
061eb9426e8e4f02b6ac23875d7e3c461dffb4f72d8869c7ab16e386d4677c41
SHA512
385067f55a5d0c70931415ff255a8ff2e31c19a59f51708fe4c34437c88e7be817bc7b4e70ef7a1af29891a00fe30d03529d54d4bcce747af1aad4032eb767d2
Static task
static1
Behavioral task
behavioral1
Sample
PO#4500139207.xz.exe
Resource
win10v20201028
Malware Config
Targets
Target
PO#4500139207.xz
Score
10/10
ModiLoader, DBatLoader
ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
ServiceHost packer
Detects ServiceHost packer used for .NET malware
Executes dropped EXE
Adds Run key to start application