General
Target: 2a1edd92233018fc3c33972e19ca63a3
Size: 146KB
Sample: 220621-rm7jzsgcb8
MD5: 2a1edd92233018fc3c33972e19ca63a3
SHA1: 79f10d83b210290437378d78a38451f69717fd3b
SHA256: 384b9f8ff8f8590c530561fddcc5c9eb9d086e8d5414ce4d0e6fab7ad2df7b58
SHA512: b89bc1d284e982d7bcd02d73e979c2a597aff9934e980aba7113ed7d62a4c50c65013889ee15d3ec4c29fc034c2bda68edcbbddb1b238630848e4a1299d0f21f
Static task: static1
Behavioral task: behavioral1 (Sample: Acknowledgement Document.exe; Resource: win7-20220414-en)
Behavioral task: behavioral2 (Sample: Acknowledgement Document.exe; Resource: win10v2004-20220414-en)
Malware Config
Extracted
xloader
2.9
6ec8
jRVrOiU6P9SL
hBvtTXRps0YOiMK7wW4Yqfq8Nw==
HyX2Ohx73aQBbtxjU7Pzfg==
vzhVfL1jwJABICwP
x3pvuHsiLt6S
TlErGZ4JgmQfNVSxQWirnqdyRBo7SA==
UDFwtT+b/ohQnJQXBpWrVZyERBo7SA==
tl9gWu5Ng2YwenkR
SR9SnD6x7qEVh8n9WmVze4RKBqpIvLZ3
GlDQs56A5IckU3l1PEHT
2q+6jfdntUyrKWu0O4hlZoY=
ws8gw/+Y47tUzTx9prT+oJE=
mX6gcFZVqpVm/G9usbc=
9znSNHJSopVm/G9usbc=
KZxBj7bv/66K5hoASohlZoY=
86PIKEpEpz8dJ1oY
w8OZhBJ/zXGk1s7mZZnb5QbvwyWpROw=
YD+LAlhIpUQdgcFsQNgOlqaERBo7SA==
BWrdPt8lB/5g1Q==
IvVBvCQHcjwgXNeSvLo=
e7tbyhoIbA3gR4B1PEHT
umkgRhA2tWMmTz+9fhdy2wC1Pw==
JaRIm2nHDrL+OjZR1Aj3ZYZN1fhIvLZ3
ip/dMWNPnE6GgMzT+KTb
Gx352Tenz8A9zA==
7d8EXpqdCcYBSHDAfSxkqfq8Nw==
oNlNl/niLA2W2wHQ7qLb
EfZMsUzRI8Uff78U9EHoqfq8Nw==
QW58v8wmB/5g1Q==
D2lGmyriGaiF
tLukpD+3GrLLCUENgqY=
JM3OxePXRSXiDQ4=
SMiKz9vPGK6TDj4FRohlZoY=
7K3QLDxtY4wBICwP
1ocByZaHzWGM6SN2EJzwJbwXK4SP
iaGe4JpHbAt26ybBK0fE
ljOv9kpOqnrWJi0+n6bLzinGl0I=
sTmfvWNFnjz5RXoqO6ffd7qsNg==
oqXWJLgql2ABICwP
0+cyeAd+1ovfPYHKeT9cX4Q=
rwJiOxDvVBsYLRw2ve0gTZ6HDSWpROw=
EUfoS9xKghp+3ujxSohlZoY=
C6sqaKaeBrnOr+PoSKSYnJ8=
C648Oe1hmy4dJ1oY
mdx46kY+ixcdJ1oY
gzhpMYXgB/5g1Q==
O33qL+hLo0I/VY1QsL8=
TBMyoXneB/5g1Q==
Rws3ptLMHcKu0gG4BQojR44=
tIaGnzali1UWwg==
KKD14wAiLt6S
yQyoEFxKZ28dJ1oY
BmL+9Qz/TfKp4expU7Pzfg==
t4uhljSxCsERUY1QsL8=
1tgGVe5dx4Cx2s7dQIhlZoY=
2gqIsJKN3I/IGBwsm7Py/VkJiZuR
PPV5Vlg/nTgdJ1oY
LJFZwoLsNOCsKF86k5u/xSnGl0I=
KxhGfdZQunINQ3R1PEHT
L6dxt8LAOOJvqBxoFg==
TKd87a4jeDwah8l7RuyHsSnGl0I=
pwqyPd1+oUBs0A==
1skEYZyY+oRe341QsL8=
xTHnPvhnsk/fAfNlU7Pzfg==
kompactkitchens.com
Targets
Target: Acknowledgement Document.exe
Size: 241KB
MD5: 23f5b6b826923ad737d239e8d69c6fb3
SHA1: ea339ae5e0b951588735c5321a8e248b2580e4c7
SHA256: b914edf9af881ccbc5134d66cbd02cda42129d801b1a862b5a76ea24567b6383
SHA512: c6f0565605122126c3eb7266edc16bd76645d1f3dd249d6059d09e349ee695c39062bfc4a7e5b8d76e566160de3f8eca8410c4d6322ae034b316df74cb45bd5e
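The report carries two distinct hash sets: the 146KB submission in the General section and the 241KB Acknowledgement Document.exe that the behavioral tasks actually ran. They are different artifacts, so a blocklist or a lookup built from only one of them misses the other. The following is an added example (it is not the sandbox's code): a Python helper that digests a file and matches it against both hash sets copied from this report, cross-checking MD5, SHA1 and SHA512 against a SHA256 match so that a transcribed-wrong digest surfaces as an error instead of a quiet hit. The function names, the streaming helper and the test input are assumptions made for illustration.

```python
"""Check a file against the two artifacts listed in this report.

Added example, not part of the sandbox report. Sizes and digests are copied
from the report; the function names, the streaming helper and the test input
are assumptions made for illustration.
"""
import hashlib
import sys
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class ReportArtifact:
    name: str
    size_kb: int   # as printed in the report, so only a rounded hint
    md5: str
    sha1: str
    sha256: str
    sha512: str


REPORT_ARTIFACTS = (
    ReportArtifact(
        name="submitted sample (General section)",
        size_kb=146,
        md5="2a1edd92233018fc3c33972e19ca63a3",
        sha1="79f10d83b210290437378d78a38451f69717fd3b",
        sha256="384b9f8ff8f8590c530561fddcc5c9eb9d086e8d5414ce4d0e6fab7ad2df7b58",
        sha512="b89bc1d284e982d7bcd02d73e979c2a597aff9934e980aba7113ed7d62a4c50c"
               "65013889ee15d3ec4c29fc034c2bda68edcbbddb1b238630848e4a1299d0f21f",
    ),
    ReportArtifact(
        name="Acknowledgement Document.exe (Targets section)",
        size_kb=241,
        md5="23f5b6b826923ad737d239e8d69c6fb3",
        sha1="ea339ae5e0b951588735c5321a8e248b2580e4c7",
        sha256="b914edf9af881ccbc5134d66cbd02cda42129d801b1a862b5a76ea24567b6383",
        sha512="c6f0565605122126c3eb7266edc16bd76645d1f3dd249d6059d09e349ee695c3"
               "9062bfc4a7e5b8d76e566160de3f8eca8410c4d6322ae034b316df74cb45bd5e",
    ),
)

ALGOS = ("md5", "sha1", "sha256", "sha512")


def digests(data: bytes) -> dict:
    """All four digests of an in-memory blob, lower-case hex."""
    return {a: hashlib.new(a, data).hexdigest() for a in ALGOS}


def digest_file(path: str, chunk: int = 1 << 20) -> dict:
    """Same as digests() but streamed, so large samples need not fit in RAM."""
    hs = {a: hashlib.new(a) for a in ALGOS}
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(chunk), b""):
            for h in hs.values():
                h.update(block)
    return {a: h.hexdigest() for a, h in hs.items()}


def match_report(d: dict) -> Optional[ReportArtifact]:
    """Return the report artifact whose SHA256 equals d['sha256'], or None.

    SHA256 decides the match; the other three digests are then cross-checked,
    because a SHA256 match with an MD5/SHA1/SHA512 mismatch means the report's
    hash set was transcribed wrongly, which should be an error, not a quiet hit.
    """
    for art in REPORT_ARTIFACTS:
        if d["sha256"].lower() != art.sha256:
            continue
        for a in ("md5", "sha1", "sha512"):
            if d[a].lower() != getattr(art, a):
                raise ValueError(f"{art.name}: {a} does not match the SHA256-matched entry")
        return art
    return None


if __name__ == "__main__":
    for path in sys.argv[1:]:
        hit = match_report(digest_file(path))
        print(f"{path}: {hit.name if hit else 'no match against this report'}")
```

Run it as `python check_hashes.py <file>...`; the printed size in the report is rounded to whole kilobytes, so the `size_kb` field is kept only as a sanity hint and does not take part in the match.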
ModiLoader, DBatLoader
ModiLoader (also tracked as DBatLoader) is a Delphi-written loader that abuses public cloud services to host and fetch the payloads of other malware families.
suricata: ET MALWARE FormBook CnC Checkin (GET)
suricata: ET MALWARE FormBook CnC Checkin (GET)
ModiLoader Second Stage
Xloader Payload
Adds Run key to start application
Suspicious use of SetThreadContext
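The last two signatures are behavioural rather than family matches: a write under a Run key is the persistence mechanism, and SetThreadContext on another process's thread is the API pattern seen in process hollowing and thread hijacking, where a suspended child is overwritten and its entry point redirected before it is resumed. The following is an added example (not the sandbox's own rule logic) of how an analyst can re-derive both signatures from an API trace: the trace schema, the pids, the paths and the value name in SAMPLE_TRACE are all constructed for illustration, and it includes a benign SetThreadContext on the caller's own thread and an ordinary settings key so the rules are shown not firing on them.

```python
"""Triage two behavioural signatures from this report over an API trace:
'Adds Run key to start application' and 'Suspicious use of SetThreadContext'.

Added example; this is not the sandbox's own rule logic. The trace schema and
every event in SAMPLE_TRACE are constructed for illustration (pids, paths and
the value name are invented).
"""
from collections import defaultdict

CREATE_SUSPENDED = 0x00000004            # CreateProcess dwCreationFlags bit
RUN_KEY_SUFFIXES = ("\\currentversion\\run", "\\currentversion\\runonce")
WRITE_APIS = ("WriteProcessMemory", "NtWriteVirtualMemory", "NtMapViewOfSection")

# Constructed trace: one dict per hooked call, in the order the sandbox saw them.
SAMPLE_TRACE = [
    {"pid": 1000, "api": "CreateProcessW",
     "args": {"image": r"C:\Windows\System32\svchost.exe", "flags": 0x4, "child_pid": 2000}},
    {"pid": 1000, "api": "NtUnmapViewOfSection", "args": {"target_pid": 2000}},
    {"pid": 1000, "api": "WriteProcessMemory", "args": {"target_pid": 2000, "size": 0x2a000}},
    {"pid": 1000, "api": "SetThreadContext", "args": {"target_pid": 2000, "tid": 2001}},
    {"pid": 1000, "api": "ResumeThread", "args": {"target_pid": 2000, "tid": 2001}},
    {"pid": 2000, "api": "RegSetValueExW",
     "args": {"key": r"HKCU\Software\Microsoft\Windows\CurrentVersion\Run",
              "value": "Update",
              "data": r"C:\Users\user\AppData\Roaming\Update\Acknowledgement Document.exe"}},
    # Benign look-alikes that must not fire: a process adjusting its own thread's
    # context (what an exception handler or a JIT does) and an ordinary settings key.
    {"pid": 3000, "api": "SetThreadContext", "args": {"target_pid": 3000, "tid": 3005}},
    {"pid": 3000, "api": "RegSetValueExW",
     "args": {"key": r"HKCU\Software\Contoso\Settings", "value": "Theme", "data": "dark"}},
]


def run_key_persistence(trace):
    """Registry writes under a Run/RunOnce key -> [(pid, value name, command)]."""
    hits = []
    for ev in trace:
        if not ev["api"].startswith("RegSetValueEx"):
            continue
        key = ev["args"]["key"].lower().rstrip("\\")
        if key.endswith(RUN_KEY_SUFFIXES):
            hits.append((ev["pid"], ev["args"]["value"], ev["args"]["data"]))
    return hits


def hollowing_candidates(trace):
    """SetThreadContext on a thread of another process that the same caller
    created suspended and then wrote into -> [(caller pid, target pid, tid)].

    Requiring all three steps (suspended create, cross-process write, context
    change) is what keeps a lone SetThreadContext on one's own thread out of
    the results.
    """
    suspended = defaultdict(set)   # creator pid -> child pids created with CREATE_SUSPENDED
    written = defaultdict(set)     # writer pid -> pids it wrote or mapped memory into
    hits = []
    for ev in trace:
        pid, api, a = ev["pid"], ev["api"], ev["args"]
        if api.startswith("CreateProcess") and a.get("flags", 0) & CREATE_SUSPENDED:
            suspended[pid].add(a["child_pid"])
        elif api in WRITE_APIS:
            written[pid].add(a["target_pid"])
        elif api == "SetThreadContext":
            tgt = a["target_pid"]
            if tgt != pid and tgt in suspended[pid] and tgt in written[pid]:
                hits.append((pid, tgt, a["tid"]))
    return hits


def triage(trace):
    """Map the two report signatures to the evidence found in the trace."""
    return {
        "Adds Run key to start application": run_key_persistence(trace),
        "Suspicious use of SetThreadContext": hollowing_candidates(trace),
    }


if __name__ == "__main__":
    for sig, evidence in triage(SAMPLE_TRACE).items():
        print(f"{sig}: {evidence or 'no evidence'}")
```

The hollowing rule deliberately keys on the caller's own earlier actions rather than on SetThreadContext alone: the API is legitimate in debuggers and exception handling, and it is the combination of a suspended child, a cross-process memory write and a context change on that child's thread that makes the call worth escalating.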