Extracted

• • Target

    nova lista narudzbi.exe

  • Size

    653KB

  • MD5

    aee1c3cee2eb1b49fc9859e0ff7d2200

  • SHA1

    9681c6ae132eff2e323045b56c8e2b4b50c8757c

  • SHA256

    96538581d475a33de24ff6e71dcf35df1c21d2d1304da1b002edfddd777b5fa6

  • SHA512

    4b3110e954024cb78e28607ecd24eeaf9f1d1e370662015d17b2194ead6dc2fb3b021a5e93786c91627ab99c05ddf706f85dc1702bb885d4e760eab249cfa9a2

  • SSDEEP

    12288:Xb+ehvt30D23pDnWFFP2LCevNE6S62avdPnjD:XSuveg4eFNXeaNnjD

  Score

  10^/10

  modiloadertrojanxloadereuv4loaderpersistencerat

  • ModiLoader, DBatLoader

    ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.

    trojanmodiloader

  • Xloader

    Xloader is a rebranded version of Formbook malware.

    loaderxloader

  • ModiLoader Second Stage

  • Xloader payload

    rat

  • Adds Run key to start application

    persistence

  • Suspicious use of SetThreadContext

  behavioral1behavioral2