General
Target: 12.exe
Size: 619KB
Sample: 210421-twevtx658s
MD5: 98f413548ec275b2b0ead9caf86119eb
SHA1: cd39fdbed9c2011ef1d33dec7f50704664c33e63
SHA256: ee6d59e7ff1910806b465f8ae5fd6b2dd918cbe56fb1e3144d1484ba7b266eec
SHA512: 266370e9871a3e8c9c26835de8dec3be658d4bbb8709b3e26bfd986c60d312a065b587935e737e866907946f07cd25a6b7b2e416aabf8693bccc6fb694d6c6ef
Static task: static1
Behavioral task: behavioral1
Sample: 12.exe
Resource: win7v20210408
Behavioral task: behavioral2
Sample: 12.exe
Resource: win10v20210410
Malware Config
Extracted
remcos
abujafirms1.duckdns.org:12000
194.5.98.203:1988
Targets
Target: 12.exe
Score: 10/10
ModiLoader, DBatLoader
ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
Adds Run key to start application