General

Target: 775e1c26b7df9c005e5ae8b9facfeb576287f7aa59cda404ad283baddfc860f1
Size: 87KB
Sample: 221128-kqm67aag96
MD5: 06911128865badb4b3c089696da1171d
SHA1: 200e5d06986d3398fd4adf74e646085275e57d46
SHA256: 775e1c26b7df9c005e5ae8b9facfeb576287f7aa59cda404ad283baddfc860f1
SHA512: 006a21fca3f5673b6416a1ce80b87867e4806db9efac825312110c11eeae5999d72cfe8194f4ff0aa8a0105b1c3dcb7cb2ca6c49108c69c5da7917c8ff22dff6
SSDEEP: 1536:yPHHMPo+9opGnNHBgbV++kb0JindkwmhGBF98j9fOg8A5KzEtKfE8n:yvHMPopG9B8VbinWGr98j9fOgQfTn
Static task: static1
Behavioral task: behavioral1
  Sample: 775e1c26b7df9c005e5ae8b9facfeb576287f7aa59cda404ad283baddfc860f1.exe
  Resource: win7-20221111-en
Behavioral task: behavioral2
  Sample: 775e1c26b7df9c005e5ae8b9facfeb576287f7aa59cda404ad283baddfc860f1.exe
  Resource: win10v2004-20220812-en
Malware Config
Targets
Target: 775e1c26b7df9c005e5ae8b9facfeb576287f7aa59cda404ad283baddfc860f1 (87KB; MD5, SHA1, SHA256, SHA512 and SSDEEP identical to the General section above)
Score: 10/10

Family: ModiLoader, DBatLoader
ModiLoader is a Delphi loader that abuses cloud services to download other malware families.

Signatures:
- ModiLoader Second Stage
- Executes dropped EXE (a file written to disk by the sample's process tree was subsequently run)
- Loads dropped DLL (a DLL written by the sample's process tree was mapped into one of its processes)
- Suspicious use of SetThreadContext (rewriting the register context of a thread in another process, the step that redirects execution into injected code in process hollowing)
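To make the signature list above concrete, here is an added example, written for this page and not Triage's own signature engine, that re-implements the three behavioural signatures this report fired and runs them over a constructed event trace. The event schema (process, file, imageload and api records with the fields shown), the pids and the file paths are assumptions made for the example; they mimic a loader that drops a second-stage EXE and a DLL, runs the EXE, and then hollows a suspended host process.

```python
"""
Added example (not Triage's signature engine): a minimal re-implementation of
the three behavioural signatures this report fired, replayed over a constructed
event stream that mimics what a loader like ModiLoader does.

The event schema below is an assumption made for this example:
  process   pid, ppid, image, suspended       (process creation)
  file      pid, op, path                     (file write by a process)
  imageload pid, path                         (DLL mapped into a process)
  api       pid, name, target_pid, target_tid (selected API calls)
"""

SAMPLE_PID = 100  # pid of the submitted sample in the constructed trace

# Constructed trace: the sample drops an EXE and a DLL, runs the EXE, which loads
# the DLL, spawns a suspended host process and rewrites its main thread's context.
EVENTS = [
    {"type": "process", "pid": 100, "ppid": 1, "image": r"C:\Users\u\Desktop\sample.exe", "suspended": False},
    # self-targeted SetThreadContext is ordinary in-process behaviour and must not fire
    {"type": "api", "pid": 100, "name": "SetThreadContext", "target_pid": 100, "target_tid": 101},
    {"type": "file", "pid": 100, "op": "write", "path": r"C:\Users\u\AppData\Local\Temp\second.exe"},
    {"type": "file", "pid": 100, "op": "write", "path": r"C:\Users\u\AppData\Local\Temp\helper.dll"},
    {"type": "process", "pid": 200, "ppid": 100, "image": r"C:\Users\u\AppData\Local\Temp\second.exe", "suspended": False},
    {"type": "imageload", "pid": 200, "path": r"C:\Users\u\AppData\Local\Temp\helper.dll"},
    # spawning a pre-existing system binary is not "executing a dropped EXE"
    {"type": "process", "pid": 250, "ppid": 200, "image": r"C:\Windows\System32\cmd.exe", "suspended": False},
    {"type": "process", "pid": 300, "ppid": 200, "image": r"C:\Windows\System32\svchost.exe", "suspended": True},
    {"type": "api", "pid": 200, "name": "WriteProcessMemory", "target_pid": 300, "target_tid": 301},
    {"type": "api", "pid": 200, "name": "SetThreadContext", "target_pid": 300, "target_tid": 301},
    {"type": "api", "pid": 200, "name": "ResumeThread", "target_pid": 300, "target_tid": 301},
    # a process outside the sample's tree writing a file is ignored
    {"type": "file", "pid": 900, "op": "write", "path": r"C:\Users\u\unrelated.exe"},
]

SIG_DROPPED_EXE = "Executes dropped EXE"
SIG_DROPPED_DLL = "Loads dropped DLL"
SIG_SETTHREADCONTEXT = "Suspicious use of SetThreadContext"


def evaluate(events, root_pid):
    """Replay the trace once and return {signature name: [evidence tuples]}."""
    tree = {root_pid}   # pids that descend from the sample
    dropped = set()     # lowercase paths written by the tree so far
    suspended = {}      # pid -> creator pid, for processes started suspended
    hits = {SIG_DROPPED_EXE: [], SIG_DROPPED_DLL: [], SIG_SETTHREADCONTEXT: []}

    for e in events:
        kind = e["type"]
        if kind == "process" and e["ppid"] in tree:
            tree.add(e["pid"])
            if e["suspended"]:
                suspended[e["pid"]] = e["ppid"]
            if e["image"].lower() in dropped:
                hits[SIG_DROPPED_EXE].append((e["pid"], e["image"]))
        elif kind == "file" and e["op"] == "write" and e["pid"] in tree:
            dropped.add(e["path"].lower())
        elif kind == "imageload" and e["pid"] in tree:
            path = e["path"].lower()
            if path in dropped and path.endswith(".dll"):
                hits[SIG_DROPPED_DLL].append((e["pid"], e["path"]))
        elif kind == "api" and e["pid"] in tree and e["name"] == "SetThreadContext":
            # Only cross-process use against a process this tree started suspended
            # counts: that is the hollowing pattern, not normal in-process use.
            if e["target_pid"] != e["pid"] and e["target_pid"] in suspended:
                hits[SIG_SETTHREADCONTEXT].append((e["pid"], e["target_pid"], e["target_tid"]))
    return hits


def triggered(events, root_pid):
    """Names of the signatures that fired, in the order the report lists them."""
    hits = evaluate(events, root_pid)
    return [name for name in (SIG_DROPPED_EXE, SIG_DROPPED_DLL, SIG_SETTHREADCONTEXT) if hits[name]]


if __name__ == "__main__":
    for name, evidence in evaluate(EVENTS, SAMPLE_PID).items():
        print(f"{name}: {evidence}")
```

The point of the ordering checks is precision: a file only counts as "dropped" once a member of the sample's process tree has written it, and SetThreadContext only fires when it crosses a process boundary into a process that the tree itself created suspended, which is the sequence (create suspended, write memory, set context, resume) that distinguishes hollowing from benign in-process use of the same API.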