General
Target: Copia_de_Pago_pdf.scr
Size: 704KB
Sample: 210510-g34p1jclns
MD5: 9a898b2953874a2474c74d8d48e78596
SHA1: 50dac6556f57b03f1a3165bbfa9e326de3a2bf4e
SHA256: 44130b6c18abaaea8d59ba7ef447b231e2bde5ae9fd572104ca51136e5e35150
SHA512: 07fa3708aa1c28ecfcc9b753287dd15334fb96c0f97f3be1b7aebd9772f320d226f24305131d1f914438898652592b15e7f75eb9fbd4c1a82cde32359da38317
Static task: static1
Behavioral task: behavioral1
Sample: Copia_de_Pago_pdf.scr
Resource: win7v20210410
Behavioral task: behavioral2
Sample: Copia_de_Pago_pdf.scr
Resource: win10v20210408
Malware Config
Extracted
remcos
Officialsw.chickenkiller.com:2310
official.ydns.eu:2310
Targets
Target: Copia_de_Pago_pdf.scr
Score: 10/10
ModiLoader, DBatLoader
ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
Adds Run key to start application