General
-
Target
793f9f8a81becb41479a88b00e45b3fbbf980fa999510cde719e2897db437fb0
-
Size
513KB
-
Sample
221201-c91mmaca61
-
MD5
acf14b8eaa852bccf9363481e29c02db
-
SHA1
5ba847fc5b7a3008b152d72f848c42376ad3dd2b
-
SHA256
793f9f8a81becb41479a88b00e45b3fbbf980fa999510cde719e2897db437fb0
-
SHA512
42bd752ccc52149bd5ab86a6f361c452689b02854d35cceed6d155599bd5728a9bb41c557801c2b2e0e04d8cb3ffa3d3e55986621258d7b740c54bd7e0ed9eea
-
SSDEEP
12288:WV+mzqnq7ZdAJu4Du/1biQb1huzoreF7V3qtBwlE4uif3Pzj4:W82Nd/4IHeam3qtBGE4uu3PI
Malware Config
Targets
-
-
Target
793f9f8a81becb41479a88b00e45b3fbbf980fa999510cde719e2897db437fb0
-
Size
513KB
-
MD5
acf14b8eaa852bccf9363481e29c02db
-
SHA1
5ba847fc5b7a3008b152d72f848c42376ad3dd2b
-
SHA256
793f9f8a81becb41479a88b00e45b3fbbf980fa999510cde719e2897db437fb0
-
SHA512
42bd752ccc52149bd5ab86a6f361c452689b02854d35cceed6d155599bd5728a9bb41c557801c2b2e0e04d8cb3ffa3d3e55986621258d7b740c54bd7e0ed9eea
-
SSDEEP
12288:WV+mzqnq7ZdAJu4Du/1biQb1huzoreF7V3qtBwlE4uif3Pzj4:W82Nd/4IHeam3qtBGE4uu3PI
Score10/10-
ModiLoader, DBatLoader
ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
-
ModiLoader Second Stage
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-