General
-
Target
Izjava u prilogu.exe
-
Size
836KB
-
Sample
220802-gwfshsdaal
-
MD5
07789017f254b6ac45b11f66ccada623
-
SHA1
6957e2bd7068f1303723c2ba3075771cdbcb23f0
-
SHA256
d17de6f437033140a8197c29721e535e19cde342b211c3a0074fa54f79afb375
-
SHA512
b30f98657c5069185af2e7a84af4bb2b2d73e9c7a455beae520668a6b40420e0f4d5f19333ec6f7ec45a74c8544f88d449ea1b8d2eacadf22e574b39a384e8b1
Static task
static1
Behavioral task
behavioral1
Sample
Izjava u prilogu.exe
Resource
win7-20220718-en
Behavioral task
behavioral2
Sample
Izjava u prilogu.exe
Resource
win10v2004-20220722-en
Malware Config
Targets
-
-
Target
Izjava u prilogu.exe
-
Score
10/10
-
ModiLoader, DBatLoader
ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
-
ModiLoader Second Stage
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Adds Run key to start application
-