General
Target: SecuriteInfo.com.generic.ml.11693.19794
Size: 1MB
Sample: 220706-c5akmsfhbq
MD5: b7e7dbddbf21cffd9bc1c8dc94d4a441
SHA1: f224aa8a1b6fcc26c1ebce42166529191381abd5
SHA256: c8fc44d1f9bae45933ba95a20f0aebf0e69f8304ea11a4346e610dfacc8ce049
SHA512: 72caa05fd9bb53057ecc0beb0a48505901c1d1f6d76394e3340f4ba9daaf472f95a760634a4943858821b41e2ae887f0ac76aa667c5d4fba72436f0d3f20dc67
Static task: static1
Behavioral task: behavioral1
  Sample: SecuriteInfo.com.generic.ml.11693.exe
  Resource: win7-20220414-en
Behavioral task: behavioral2
  Sample: SecuriteInfo.com.generic.ml.11693.exe
  Resource: win10v2004-20220414-en
Malware Config
Targets
Target: SecuriteInfo.com.generic.ml.11693.19794 (1MB; same MD5/SHA1/SHA256/SHA512 as listed under General)
ModiLoader, DBatLoader: ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
suricata: ET MALWARE FormBook CnC Checkin (GET)
suricata: ET MALWARE FormBook CnC Checkin (POST) M2
ModiLoader Second Stage
Xloader Payload
Adds policy Run key to start application
Loads dropped DLL
Suspicious use of SetThreadContext