General
Target: New Order request Ref E100-#3175704534,pdf.e.exe
Size: 636KB
Sample: 210407-srcl7mefwa
MD5: b560c1126b2e27ec044832743f163000
SHA1: 74ad1277557d02a35729144fbdd6a7aaf1bd5de7
SHA256: 3cc981a7b504f9c20ee0a8497581f43b007eb3c412d85b87ef7f0cd0c5a145b6
SHA512: 97598717a4fcab5fca834447ddd5880db7cce48e9e8fc01e7049a743e5b2a8d9946706724dbc78f1c7864abf39687351542bd6c7406ccdd2362fb7ff5b607b5b
Static task: static1
Behavioral task: behavioral1
Sample: New Order request Ref E100-#3175704534,pdf.e.exe
Resource: win7v20201028
Behavioral task: behavioral2
Sample: New Order request Ref E100-#3175704534,pdf.e.exe
Resource: win10v20201028
Malware Config
Extracted
remcos
goddywin.freedynamicdns.net:6712
Targets
Score: 10/10
ModiLoader, DBatLoader
ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application