General
Target: f53107b892a50e33ff130e01cf391a2b69524dbe09b75cc13192365bbd6eda11.zip
Size: 427KB
Sample: 221130-jtxz5aeb3x
MD5: e0c5cf1d80f1bc4f26a42d59baf58558
SHA1: d489549c38f484a103baca23da205ab67ff2a913
SHA256: 54949cb990cfc318dafcd281111f4176fed7f22889e52144e80675e14bf099ce
SHA512: 0b47d8ea43f861d831eadf856ff2939fcf3ec955b8d90d3dfc4fa5c238b7578ee86b4b56cb17361c36d99316cd9ba83cb4d33b9b9cdbcdc02581aea86ea5c540
SSDEEP: 12288:cEdRoa63fsmImGMLqPrWVswFDb3dBL1c2:Ar3EmG1PrWVsiHLW2
Static task: static1
Behavioral task: behavioral1
Sample: f53107b892a50e33ff130e01cf391a2b69524dbe09b75cc13192365bbd6eda11.exe
Resource: win7-20220901-en
Behavioral task: behavioral2
Sample: f53107b892a50e33ff130e01cf391a2b69524dbe09b75cc13192365bbd6eda11.exe
Resource: win10v2004-20221111-en
Malware Config
Extracted
Family: bitrat
Version: 1.38
C2: winery.nsupdate.info:5877
communication_password: e5ff7c52fb3501484ea7ca8641803415
tor_process: tor
Targets
Target: f53107b892a50e33ff130e01cf391a2b69524dbe09b75cc13192365bbd6eda11.exe
Size: 862KB
MD5: 84bf18cdc14d7e2c5311ff6cd071a0dc
SHA1: a784ef5651e7e1530d4e77ab9f7f3507b51d9e67
SHA256: f53107b892a50e33ff130e01cf391a2b69524dbe09b75cc13192365bbd6eda11
SHA512: 97434045c4c0c4d82296c668ec01a8ae31a9eee9bfba7db6f2d314f1574d3ee950b6a7566a0faa313a1e396541dff76be4cedac8d96bd342ed8783d1f7dc4c0d
SSDEEP: 12288:fSj5lclcaywFMtTPWQOQSJU3FtJlpCBIUQZC8fRuHT6Kk/RqIkr:fSVKFp6rfn/VXPCyE8fMuqI
Score: 10/10
Signatures
- ModiLoader, DBatLoader
  ModiLoader (also tracked as DBatLoader) is a loader written in Delphi that abuses legitimate cloud file-hosting services to fetch and stage other malware families; here the extracted configuration identifies the delivered payload as BitRAT 1.38.
- ModiLoader Second Stage
- Adds Run key to start application
  Persistence through a value under Software\Microsoft\Windows\CurrentVersion\Run, so the payload is started again at user logon.
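As an added example that is not part of this report or of the sandbox's own tooling, the following Python turns the report's indicators (the .exe hashes, the BitRAT C2 host and port, and the Run key persistence behaviour) into hunting rules and runs them over Sysmon-style event records. The event records, file paths, registry value name and rule names are constructed for illustration; only the hash, host and port values come from the report.

```python
"""Hunt for this report's indicators across Sysmon-style event records.

Added example, not part of the sandbox report or of any tool it names.
The indicator values are copied from the report; the event records,
paths and rule names are constructed for illustration.
"""
import hashlib
import json
import re

# Indicators from the report: the analysed .exe and the extracted BitRAT C2.
IOC_SHA256 = "f53107b892a50e33ff130e01cf391a2b69524dbe09b75cc13192365bbd6eda11"
IOC_MD5 = "84bf18cdc14d7e2c5311ff6cd071a0dc"
C2_HOST = "winery.nsupdate.info"
C2_PORT = 5877

# Autostart locations behind the "Adds Run key to start application" signature
# (HKCU or HKLM ...\CurrentVersion\Run and RunOnce).
RUN_KEY_RE = re.compile(
    r"\\Software\\Microsoft\\Windows\\CurrentVersion\\(Run|RunOnce)\\",
    re.IGNORECASE,
)

# Constructed Sysmon-like events as JSON lines (Sysmon event IDs:
# 1 process create, 3 network connect, 13 registry value set, 22 DNS query).
SAMPLE_EVENTS = r"""
{"EventID": 1, "Image": "C:\\Users\\victim\\AppData\\Local\\Temp\\f53107b8.exe", "Hashes": "MD5=84BF18CDC14D7E2C5311FF6CD071A0DC,SHA256=F53107B892A50E33FF130E01CF391A2B69524DBE09B75CC13192365BBD6EDA11"}
{"EventID": 13, "Image": "C:\\Users\\victim\\AppData\\Local\\Temp\\f53107b8.exe", "TargetObject": "HKU\\S-1-5-21-1\\Software\\Microsoft\\Windows\\CurrentVersion\\Run\\svchost", "Details": "C:\\Users\\victim\\AppData\\Roaming\\svc\\host.exe"}
{"EventID": 22, "Image": "C:\\Users\\victim\\AppData\\Roaming\\svc\\host.exe", "QueryName": "winery.nsupdate.info"}
{"EventID": 3, "Image": "C:\\Users\\victim\\AppData\\Roaming\\svc\\host.exe", "DestinationIp": "203.0.113.10", "DestinationPort": 5877}
{"EventID": 13, "Image": "C:\\Windows\\explorer.exe", "TargetObject": "HKU\\S-1-5-21-1\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Advanced\\Hidden", "Details": "DWORD (0x00000001)"}
{"EventID": 22, "Image": "C:\\Program Files\\Mozilla Firefox\\firefox.exe", "QueryName": "example.com"}
"""


def parse_events(text):
    """Parse JSON lines into dicts, skipping blank lines."""
    return [json.loads(line) for line in text.splitlines() if line.strip()]


def _sysmon_hashes(field):
    """Turn Sysmon's 'MD5=..,SHA256=..' string into a lower-cased dict."""
    out = {}
    for part in field.split(","):
        if "=" in part:
            algo, value = part.split("=", 1)
            out[algo.strip().upper()] = value.strip().lower()
    return out


def match_event(ev):
    """Return (rule, detail) hits for one event; an empty list means no match."""
    hits = []
    eid = ev.get("EventID")
    if eid == 1:
        h = _sysmon_hashes(ev.get("Hashes", ""))
        if h.get("SHA256") == IOC_SHA256 or h.get("MD5") == IOC_MD5:
            hits.append(("known_sample_hash", ev.get("Image", "")))
    elif eid == 13 and RUN_KEY_RE.search(ev.get("TargetObject", "")):
        hits.append(("run_key_persistence",
                     f"{ev['TargetObject']} -> {ev.get('Details', '')}"))
    elif eid == 22 and ev.get("QueryName", "").lower().rstrip(".") == C2_HOST:
        hits.append(("c2_dns_query", ev["QueryName"]))
    elif eid == 3 and ev.get("DestinationPort") == C2_PORT:
        # Port alone is a weak indicator; it is kept for correlation only.
        hits.append(("c2_port_connect",
                     f"{ev.get('DestinationIp', '')}:{ev['DestinationPort']}"))
    return hits


def hunt(text):
    """Run every rule over every event; returns (rule, image, detail) tuples."""
    return [(rule, ev.get("Image", ""), detail)
            for ev in parse_events(text)
            for rule, detail in match_event(ev)]


def suspicious_images(results):
    """Images that triggered at least two distinct rules.

    A Run key write on its own is common for legitimate installers; requiring
    a second, independent indicator on the same image cuts that noise.
    """
    by_image = {}
    for rule, image, _ in results:
        by_image.setdefault(image, set()).add(rule)
    return {img for img, rules in by_image.items() if len(rules) >= 2}


def hashes_match_report(data):
    """True if a file's bytes match the report's MD5 and SHA256 for the .exe."""
    return (hashlib.sha256(data).hexdigest() == IOC_SHA256
            and hashlib.md5(data).hexdigest() == IOC_MD5)


if __name__ == "__main__":
    found = hunt(SAMPLE_EVENTS)
    for rule, image, detail in found:
        print(f"{rule:22s} {image}  {detail}")
    print("correlated:", sorted(suspicious_images(found)))
```

On the constructed events the dropper image is flagged by hash and by its Run key write, and the dropped image by the DNS query and the connection to port 5877; explorer.exe's write under Explorer\Advanced does not match the Run key pattern. The hostname is the durable network indicator here: nsupdate.info is a dynamic DNS service, so the resolved address can change between runs, and the port value on its own should only be used to corroborate another hit.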