General
-
Target
6704cdcc01f1a6903d8821ec7bfed8d66b38b7705e80701318532f1fa4617fc2
-
Size
36KB
-
Sample
221124-fh5daade2t
-
MD5
05763424c4bb2d1ee5b9b604645ab3ff
-
SHA1
6b6027ed50e25d4e416ca492e77e5e8809f66b5c
-
SHA256
6704cdcc01f1a6903d8821ec7bfed8d66b38b7705e80701318532f1fa4617fc2
-
SHA512
17e484896ab428248a55eb891f50e3955d071c12d4b80efaf513f597bfa0bb3d294eb8e5c340f408dac0d903291daa16fcbc2f49bdbe2264fc2f1498076849fd
-
SSDEEP
768:IycqOQ0bwMK2M3fQde8Pfymg0M9EQfRo0ys/Kz8:/cqOQbB3fQc8Pfymg0yxpByxz8
Malware Config
Targets
-
-
Target
6704cdcc01f1a6903d8821ec7bfed8d66b38b7705e80701318532f1fa4617fc2
-
Size
36KB
-
MD5
05763424c4bb2d1ee5b9b604645ab3ff
-
SHA1
6b6027ed50e25d4e416ca492e77e5e8809f66b5c
-
SHA256
6704cdcc01f1a6903d8821ec7bfed8d66b38b7705e80701318532f1fa4617fc2
-
SHA512
17e484896ab428248a55eb891f50e3955d071c12d4b80efaf513f597bfa0bb3d294eb8e5c340f408dac0d903291daa16fcbc2f49bdbe2264fc2f1498076849fd
-
SSDEEP
768:IycqOQ0bwMK2M3fQde8Pfymg0M9EQfRo0ys/Kz8:/cqOQbB3fQc8Pfymg0yxpByxz8
Score10/10-
ModiLoader, DBatLoader
ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
-
ModiLoader Second Stage
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Adds Run key to start application
-