General

Target: 860d55c4705cf87ccdd64a631713a4001f75d1e0367e46f3ec4e758aade7849e
Size: 952KB
Sample: 221201-cl3gbaee93
MD5: dff6de68222bf648124424083bb04cda
SHA1: c3af488e3d088794a467e001750b8881a81613d9
SHA256: 860d55c4705cf87ccdd64a631713a4001f75d1e0367e46f3ec4e758aade7849e
SHA512: e2de31e92b59ace4a10af37b2f1d5ef0934a862a2f89ec1857e0a7b0eb6ab571077f9112b239997a168b7eec403838fd793897a1189b02a45d73db8695e66334
SSDEEP: 24576:4cnKcQXOefQadcr3TJkNlT5rwg5TjMerwD+CuPtiz+O0eWhBM:FKBPcrjJYJznP0juPtib09M
Static task: static1

Behavioral task: behavioral1
  Sample: 860d55c4705cf87ccdd64a631713a4001f75d1e0367e46f3ec4e758aade7849e.exe
  Resource: win7-20220812-en

Behavioral task: behavioral2
  Sample: 860d55c4705cf87ccdd64a631713a4001f75d1e0367e46f3ec4e758aade7849e.exe
  Resource: win10v2004-20221111-en
Malware Config

Targets

Target: 860d55c4705cf87ccdd64a631713a4001f75d1e0367e46f3ec4e758aade7849e
Size: 952KB
MD5 / SHA1 / SHA256 / SHA512 / SSDEEP: identical to the values listed under General above
Score: 10/10

ModiLoader, DBatLoader
ModiLoader (also tracked as DBatLoader) is a Delphi-written loader that abuses legitimate cloud file-hosting services to fetch and run payloads belonging to other malware families.

ModiLoader Second Stage

Identifies Wine through registry keys
Wine is a compatibility layer that runs Windows applications on other operating systems, and some analysis sandboxes are built on it. Wine creates registry keys that do not exist on a real Windows install (HKCU\Software\Wine, HKLM\Software\Wine); a sample that probes for them can recognise the environment and alter its behaviour.

Suspicious use of NtSetInformationThreadHideFromDebugger
The sample calls NtSetInformationThread with the ThreadHideFromDebugger information class (0x11). Once set, exceptions raised in that thread, including the breakpoint and single-step exceptions a debugger relies on, are no longer forwarded to an attached debugger, so a breakpoint in that thread crashes the process instead of pausing it. This is a common anti-debugging check in packers and loaders; it is rarely seen in legitimate software.
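As an added example, not part of this report or of the sandbox's own signature code: a small Python matcher showing how the two behavioural signatures above are typically evaluated over an API-call trace. The event format, the set of registry APIs covered, and the sample trace are assumptions constructed for illustration; the ThreadHideFromDebugger class value (0x11) and the Wine key path are real.

```python
"""Signature matching over an API-call trace (added example, constructed input)."""
from dataclasses import dataclass
from typing import Callable, Dict, List

# THREADINFOCLASS value for ThreadHideFromDebugger (17). This is the real constant.
THREAD_HIDE_FROM_DEBUGGER = 0x11

# Registry APIs whose string arguments can carry a key path (assumed monitor coverage).
REGISTRY_APIS = {
    "RegOpenKeyA", "RegOpenKeyW", "RegOpenKeyExA", "RegOpenKeyExW",
    "RegQueryValueExA", "RegQueryValueExW", "NtOpenKey", "NtQueryValueKey",
}
# Key path fragment that only exists under Wine (HKCU\Software\Wine, HKLM\Software\Wine).
WINE_KEY_MARKERS = ("software\\wine",)


@dataclass(frozen=True)
class ApiEvent:
    """One monitored API call as an API monitor might log it (assumed format)."""
    pid: int
    api: str
    args: Dict[str, object]


def sig_wine_registry(trace: List[ApiEvent]) -> List[int]:
    """Indices of registry calls whose string arguments name a Wine-specific key."""
    hits = []
    for i, ev in enumerate(trace):
        if ev.api not in REGISTRY_APIS:
            continue
        strings = [v.lower() for v in ev.args.values() if isinstance(v, str)]
        if any(marker in s for s in strings for marker in WINE_KEY_MARKERS):
            hits.append(i)
    return hits


def sig_hide_from_debugger(trace: List[ApiEvent]) -> List[int]:
    """Indices of NtSetInformationThread calls using ThreadHideFromDebugger.

    The information class alone is the signal: other classes (e.g. 0x1,
    ThreadPriority) are routine and must not fire.
    """
    return [
        i for i, ev in enumerate(trace)
        if ev.api in ("NtSetInformationThread", "ZwSetInformationThread")
        and ev.args.get("ThreadInformationClass") == THREAD_HIDE_FROM_DEBUGGER
    ]


SIGNATURES: Dict[str, Callable[[List[ApiEvent]], List[int]]] = {
    "Identifies Wine through registry keys": sig_wine_registry,
    "Suspicious use of NtSetInformationThreadHideFromDebugger": sig_hide_from_debugger,
}


def run_signatures(trace: List[ApiEvent]) -> Dict[str, List[int]]:
    """Return {signature name: [matching event indices]} for signatures that fired."""
    results = {}
    for name, check in SIGNATURES.items():
        hits = check(trace)
        if hits:
            results[name] = hits
    return results


# Constructed trace (not captured from the sample in this report): the two flagged
# behaviours interleaved with routine calls that must not trigger anything.
SAMPLE_TRACE = [
    ApiEvent(1234, "RegOpenKeyExW", {"hKey": "HKEY_LOCAL_MACHINE",
             "lpSubKey": "SOFTWARE\\Microsoft\\Windows\\CurrentVersion", "samDesired": 0x20019}),
    ApiEvent(1234, "RegOpenKeyExW", {"hKey": "HKEY_CURRENT_USER",
             "lpSubKey": "Software\\Wine", "samDesired": 0x20019}),
    ApiEvent(1234, "NtSetInformationThread", {"ThreadHandle": 0xFFFFFFFE,
             "ThreadInformationClass": 0x1, "ThreadInformationLength": 4}),
    ApiEvent(1234, "NtSetInformationThread", {"ThreadHandle": 0xFFFFFFFE,
             "ThreadInformationClass": 0x11, "ThreadInformationLength": 0}),
    ApiEvent(1234, "NtOpenKey", {"ObjectAttributes": "\\Registry\\Machine\\Software\\Wine\\Fonts"}),
]

if __name__ == "__main__":
    for name, hits in run_signatures(SAMPLE_TRACE).items():
        print(f"{name}: events {hits}")
```

The Wine check matches on the key path rather than on a specific API so that both the Win32 (RegOpenKeyEx) and native (NtOpenKey) spellings of the same probe are caught; the anti-debug check keys only on the information class, since the handle and buffer length vary between packers.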