General
-
Target
8c39fbf110a18db89696a3731bdecc299c3145c2e3bb452af3f3dbfea6b95501
-
Size
1.0MB
-
Sample
221130-ag75wsbc84
-
MD5
11c2b87c8cb8d6044229320e3db85a38
-
SHA1
acbe8c0a2d28dffe9fe847e19506063ff704f539
-
SHA256
8c39fbf110a18db89696a3731bdecc299c3145c2e3bb452af3f3dbfea6b95501
-
SHA512
406db0e455f73aae39aa7927543e8379be00625a7ee4ba8b8ca6c9425953bd0e96b3f848b40dd64c772d2be21aecbadfa834efea8a16c82ab6a0e9bd95c64a5e
-
SSDEEP
24576:7QmXsvsFxtZF5WfL4tcKGCInmBe5yaK13+I2wTq8Rg7A8SfUvPL:8mcUtn+kzBJvNW
Malware Config
Targets
-
-
Target
8c39fbf110a18db89696a3731bdecc299c3145c2e3bb452af3f3dbfea6b95501
-
Size
1.0MB
-
MD5
11c2b87c8cb8d6044229320e3db85a38
-
SHA1
acbe8c0a2d28dffe9fe847e19506063ff704f539
-
SHA256
8c39fbf110a18db89696a3731bdecc299c3145c2e3bb452af3f3dbfea6b95501
-
SHA512
406db0e455f73aae39aa7927543e8379be00625a7ee4ba8b8ca6c9425953bd0e96b3f848b40dd64c772d2be21aecbadfa834efea8a16c82ab6a0e9bd95c64a5e
-
SSDEEP
24576:7QmXsvsFxtZF5WfL4tcKGCInmBe5yaK13+I2wTq8Rg7A8SfUvPL:8mcUtn+kzBJvNW
Score10/10-
ModiLoader, DBatLoader
ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
-
ModiLoader Second Stage
-
Drops file in Drivers directory
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-