General
-
Target
3012f0534f7547e858c6ece420cfc649bdc542edc713db5d0891a8e2821d4fad
-
Size
152KB
-
Sample
221125-x8wmhadc5x
-
MD5
0b7d22692603f08c0241f7945cfc8140
-
SHA1
affcb08e2123a68e2bb79bdc826b0c010e6faaf6
-
SHA256
3012f0534f7547e858c6ece420cfc649bdc542edc713db5d0891a8e2821d4fad
-
SHA512
eb4e5f9cd57ea8436f6d3a198079327ef3293d9e2a09d7bd395e491978976059d62fd9660285ebe22d2633260bfa43643f6d479eed43ca77b9dab27f83ac176c
-
SSDEEP
1536:c1DMz1DQvXLq6t7awFONecenlLnQHIG5R9c73P600t:9eGw9A0rC00t
Malware Config
Targets
-
-
Target
3012f0534f7547e858c6ece420cfc649bdc542edc713db5d0891a8e2821d4fad
-
Size
152KB
-
MD5
0b7d22692603f08c0241f7945cfc8140
-
SHA1
affcb08e2123a68e2bb79bdc826b0c010e6faaf6
-
SHA256
3012f0534f7547e858c6ece420cfc649bdc542edc713db5d0891a8e2821d4fad
-
SHA512
eb4e5f9cd57ea8436f6d3a198079327ef3293d9e2a09d7bd395e491978976059d62fd9660285ebe22d2633260bfa43643f6d479eed43ca77b9dab27f83ac176c
-
SSDEEP
1536:c1DMz1DQvXLq6t7awFONecenlLnQHIG5R9c73P600t:9eGw9A0rC00t
Score10/10-
ModiLoader, DBatLoader
ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
-
ModiLoader Second Stage
-
Executes dropped EXE
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Loads dropped DLL
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-