General
-
Target
dc98a0ec2bd10d57e6cac8a065ed946a74c4d832b3c9116cf9c9813c0625be3f
-
Size
1.5MB
-
Sample
220718-rj5k8afbcj
-
MD5
5196065aed6cdfaaa32ddcc40bcae9c3
-
SHA1
e03659dcd60b1b79532c6a23e0e1eaeb37a35cea
-
SHA256
dc98a0ec2bd10d57e6cac8a065ed946a74c4d832b3c9116cf9c9813c0625be3f
-
SHA512
93b363b18745586d650d8fb1ee989ec83741e304758befc3734fc35b0c50e991ed9bd7145620c745afa989ea277a1f5c39565e85532f79cf1ae27525951661bc
Behavioral task
behavioral1
Sample
dc98a0ec2bd10d57e6cac8a065ed946a74c4d832b3c9116cf9c9813c0625be3f.exe
Resource
win7-20220718-en
Malware Config
Targets
-
-
Target
dc98a0ec2bd10d57e6cac8a065ed946a74c4d832b3c9116cf9c9813c0625be3f
-
Size
1.5MB
-
MD5
5196065aed6cdfaaa32ddcc40bcae9c3
-
SHA1
e03659dcd60b1b79532c6a23e0e1eaeb37a35cea
-
SHA256
dc98a0ec2bd10d57e6cac8a065ed946a74c4d832b3c9116cf9c9813c0625be3f
-
SHA512
93b363b18745586d650d8fb1ee989ec83741e304758befc3734fc35b0c50e991ed9bd7145620c745afa989ea277a1f5c39565e85532f79cf1ae27525951661bc
Score10/10-
ModiLoader, DBatLoader
ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
-
ModiLoader Second Stage
-
Executes dropped EXE
-
Deletes itself
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.
-
Loads dropped DLL
-
Drops file in System32 directory
-