General
- Target: 983887ca0ff13c4c8c23656959a783b9292149e4b5c88a2be22cae961564a280
- Size: 942KB
- Sample: 221130-ah77aaee8s
- MD5: f1a0acd80140c26ee554e3530b026769
- SHA1: f955a1332d53c869bd6d6dea70846ebccd0b826b
- SHA256: 983887ca0ff13c4c8c23656959a783b9292149e4b5c88a2be22cae961564a280
- SHA512: 8c228c37b12abdd64dc6a1907ad53776710ec942f30fe2e8adc3d3eb35e261f683d0daa95d25cd83caaec961f69c5d45995cd1beaf9fa80a8a1ca5ef44adf544
- SSDEEP: 24576:DyXehMSvLsJvH2+B72FH438X+fQiEXaZL1TtAXY:i0RwdP1mTX+f0g1Tt
Behavioral task
- behavioral1
- Sample: 983887ca0ff13c4c8c23656959a783b9292149e4b5c88a2be22cae961564a280.exe
- Resource: win7-20220812-en
Malware Config
Targets
- Target: 983887ca0ff13c4c8c23656959a783b9292149e4b5c88a2be22cae961564a280
- Size: 942KB
- MD5: f1a0acd80140c26ee554e3530b026769
- SHA1: f955a1332d53c869bd6d6dea70846ebccd0b826b
- SHA256: 983887ca0ff13c4c8c23656959a783b9292149e4b5c88a2be22cae961564a280
- SHA512: 8c228c37b12abdd64dc6a1907ad53776710ec942f30fe2e8adc3d3eb35e261f683d0daa95d25cd83caaec961f69c5d45995cd1beaf9fa80a8a1ca5ef44adf544
- SSDEEP: 24576:DyXehMSvLsJvH2+B72FH438X+fQiEXaZL1TtAXY:i0RwdP1mTX+f0g1Tt
- Score: 10/10
- ModiLoader, DBatLoader
  ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
- ModiLoader Second Stage
- Identifies Wine through registry keys
  Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.
- Loads dropped DLL
- Suspicious use of NtSetInformationThreadHideFromDebugger