General
Target: ASLF1SR00116 40HC 21T05 DALIAN TO GENOVA..exe
Size: 715KB
Sample: 220808-ekr1asfba8
MD5: 80ba0c92bd8bebfc4ead324e550e2797
SHA1: efd0a3f4bfbc2616356c8937bdefb2a8d916950a
SHA256: 88502779764c4ceacff4b4a39a389bf13389b734f99e76160c865a2da6d21bee
SHA512: f426051a14767f3c446e6792ac76cd32e28955a2b48c03a7f050c04e8f91eb16695d7b0755ea5a45c9acb137269102277df990bd43432eaf07d8a33db8d6ef0b
Static task: static1
Behavioral task: behavioral1
  Sample: ASLF1SR00116 40HC 21T05 DALIAN TO GENOVA..exe
  Resource: win7-20220718-en
Behavioral task: behavioral2
  Sample: ASLF1SR00116 40HC 21T05 DALIAN TO GENOVA..exe
  Resource: win10v2004-20220721-en
Malware Config
Targets
Target: ASLF1SR00116 40HC 21T05 DALIAN TO GENOVA..exe
Score: 10/10
Signatures:
- ModiLoader, DBatLoader: ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
- Checks computer location settings: Looks up country code configured in the registry, likely geofence.
- Adds Run key to start application