General
Target: SecuriteInfo.com.Variant.Zusy.434746.19230.5503
Size: 797KB
Sample: 220801-d5w93sgee4
MD5: 8e16fd7852d00fd89e5ad4c2b3ac7432
SHA1: d492d1d739c437cfee2a4b5c401eef8003a7352a
SHA256: b1837f6e117f60e76da4f32b8b86cab5476d07e213421598a4f38c0cbab8f0d3
SHA512: 03d6a9696558428c9fb42bc22c968c852310a986185ba5072fc364a13c33d1ab47b62ad05c101b423e7956403b5ff116b5739c23e6b00b51dcbe110f0c671e35
Static task: static1
Behavioral task: behavioral1
  Sample: SecuriteInfo.com.Variant.Zusy.434746.19230.exe
  Resource: win7-20220718-en
Behavioral task: behavioral2
  Sample: SecuriteInfo.com.Variant.Zusy.434746.19230.exe
  Resource: win10v2004-20220722-en
Malware Config
Targets
Target: SecuriteInfo.com.Variant.Zusy.434746.19230.5503 (size and hashes as listed under General)
Score: 10/10
- ModiLoader, DBatLoader: ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
- Checks computer location settings: Looks up the country code configured in the registry, likely a geofence.
- Adds Run key to start application
- Enumerates connected drives: Attempts to read the root path of hard drives other than the default C: drive.