General
Target: Document.exe
Size: 845KB
Sample: 210404-mybyxt4fj2
MD5: 26382b4f3cc97798992f8c88c27febdd
SHA1: 7e8971f121c2b09dea8760c1f1edc5b9931d24f8
SHA256: 896d2dc1eab72419ab524333d3fba88c8ddf92b087f1c9af5d6ea402b0c77d89
SHA512: a15fb1bf882f23359fb86ec59fee5bc1fb2b7b0059550842c2d27489788834b843ca81ff0252d9b6359dbf9cd572bed9b65447a82571b3067b0515143d299b07
Static task: static1
Behavioral task: behavioral1
Sample: Document.exe
Resource: win7v20201028
Behavioral task: behavioral2
Sample: Document.exe
Resource: win10v20201028
Malware Config
Extracted
remcos
Bruno.camdvr.org:2404
Bruno1.camdvr.org:2404
Bruno2.camdvr.org:2404
Targets
Target: Document.exe
Score: 10/10
ModiLoader, DBatLoader
ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
Adds Run key to start application