General
Target: 8253821bf456177b4c835e5eb3f4087ff356972e02ffe7b53f510087f0b76868
Size: 667KB
Sample: 221201-cpmv2aeg64
MD5: 35c79dd571e9798e4e607d55965ce447
SHA1: d7c29555287c935cfc1ff27fa120861526e44248
SHA256: 8253821bf456177b4c835e5eb3f4087ff356972e02ffe7b53f510087f0b76868
SHA512: 05085bfb2b204b7c93b3e8a1e0b834e93dfd8cda6200c6e480bb96f28582f3c7052a406da64d8cceb3cb887a90254cb1a7e8773d32ab346d1850340d36c4b6fd
SSDEEP: 12288:35MFIglMy3WYJYvE0Ugq1b7mtllr+59OgkkLKXz1huQY1KBHE36:32CYZiagq1n2nr9ghLenu71ck36
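Before running or sharing a file that is supposed to be this sample, check it against every digest the report lists, not just the MD5. The script below is an added example (editor's code, not the sandbox's); it reads the file once, computes all four digests in that single pass, and reports per-algorithm matches so that a partial match stands out. The digest values are copied from the General section above; the file path is supplied on the command line.

```python
"""Added example (editor's code, not the sandbox's): confirm that a local
file is the sample this report describes before running or sharing it."""
import hashlib
import io
from typing import BinaryIO, Dict, Iterable

# Digests copied from the General section of this report.
REPORT_HASHES: Dict[str, str] = {
    "md5": "35c79dd571e9798e4e607d55965ce447",
    "sha1": "d7c29555287c935cfc1ff27fa120861526e44248",
    "sha256": "8253821bf456177b4c835e5eb3f4087ff356972e02ffe7b53f510087f0b76868",
    "sha512": "05085bfb2b204b7c93b3e8a1e0b834e93dfd8cda6200c6e480bb96f28582f3c7052a406da64d8cceb3cb887a90254cb1a7e8773d32ab346d1850340d36c4b6fd",
}


def digest_stream(fh: BinaryIO, names: Iterable[str], chunk_size: int = 1 << 20) -> Dict[str, str]:
    """Compute several digests in one pass so a large sample is read only once."""
    hashers = {name: hashlib.new(name) for name in names}
    while True:
        buf = fh.read(chunk_size)
        if not buf:
            break
        for h in hashers.values():
            h.update(buf)
    return {name: h.hexdigest() for name, h in hashers.items()}


def verify_sample(fh: BinaryIO, expected: Dict[str, str] = REPORT_HASHES) -> Dict[str, bool]:
    """Per-algorithm match result. A partial match (say MD5 only) is itself a
    red flag: MD5 and SHA1 collisions are practical, SHA256/SHA512 ones are not."""
    got = digest_stream(fh, expected.keys())
    return {name: got[name] == expected[name].strip().lower() for name in expected}


def verify_bytes(data: bytes, expected: Dict[str, str] = REPORT_HASHES) -> Dict[str, bool]:
    """Same check over an in-memory buffer (handy for tests and for files
    already read, e.g. out of an archive)."""
    return verify_sample(io.BytesIO(data), expected)


def verify_path(path: str, expected: Dict[str, str] = REPORT_HASHES) -> bool:
    """True only when every listed digest matches."""
    with open(path, "rb") as fh:
        return all(verify_sample(fh, expected).values())


if __name__ == "__main__":
    import sys
    print("match" if verify_path(sys.argv[1]) else "MISMATCH: not the reported sample")
```

Run it as `python verify.py path\to\sample.exe`. Treat any mismatch as "different file", even if the size and the fuzzy hash look the same: ssdeep similarity is for clustering variants, not for identity.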
Static task: static1
Behavioral task: behavioral1
  Sample: 8253821bf456177b4c835e5eb3f4087ff356972e02ffe7b53f510087f0b76868.exe
  Resource: win7-20220812-en
Behavioral task: behavioral2
  Sample: 8253821bf456177b4c835e5eb3f4087ff356972e02ffe7b53f510087f0b76868.exe
  Resource: win10v2004-20221111-en
Malware Config
Targets
Target: 8253821bf456177b4c835e5eb3f4087ff356972e02ffe7b53f510087f0b76868
Score: 10/10
Families: ModiLoader, DBatLoader
ModiLoader (also tracked as DBatLoader) is a Delphi-written loader that abuses cloud file-hosting services to download other malware families.
Signatures
- ModiLoader Second Stage
- Executes dropped EXE
- Checks BIOS information in registry
  BIOS information is commonly read to fingerprint virtualised or sandboxed environments. On its own this is weak evidence, since plenty of legitimate software reads the same keys; it gains weight from the dropped-file execution and the family match.
- Checks computer location settings
  Looks up the country code configured in the registry, most likely to geofence execution to or away from particular regions.
- Loads dropped DLL
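The behaviour tags above are derived from an API trace, not from the binary: "dropped" means a file the monitored process wrote earlier in the same run, and the registry checks come from hooked registry reads (Sysmon does not log reads, only writes, so on a production host you would need ETW or an EDR for the same signal). The script below is an added example (editor's code, not the sandbox's own rules) that re-derives the four generic tags from a constructed trace. The registry paths are assumptions: the report does not say which keys the sample read, so the example uses the keys most commonly consulted for each behaviour (`HKLM\HARDWARE\DESCRIPTION\System\BIOS\*` and `HKCU\Control Panel\International\Geo\Nation`). The file names in the trace are placeholders, not this sample's artefacts.

```python
"""Added example (editor's code, not the sandbox's rules, not this sample's
real trace): re-derive the report's behaviour tags from a simplified API
trace of the kind a sandbox monitor records."""
import re
from dataclasses import dataclass
from typing import Dict, List

# Assumed registry paths. The report does not list which keys the sample
# read; these are the keys most commonly consulted for each behaviour.
BIOS_KEY_RE = re.compile(r"^HKLM\\HARDWARE\\DESCRIPTION\\System\\BIOS\\", re.I)
GEO_KEY_RE = re.compile(r"^HKCU\\Control Panel\\International\\Geo\\Nation$", re.I)


@dataclass(frozen=True)
class Event:
    seq: int    # position in the trace; ordering is what makes "dropped" meaningful
    pid: int
    op: str     # "file_write" | "proc_create" | "image_load" | "reg_query"
    path: str   # file path, image path, or registry value path


def _norm(path: str) -> str:
    # Windows paths are case-insensitive; compare them in one case.
    return path.strip().lower()


def dropped_paths(events: List[Event]) -> Dict[str, int]:
    """Normalised path -> seq of the first write to it by a monitored process."""
    first: Dict[str, int] = {}
    for e in events:
        if e.op == "file_write":
            first.setdefault(_norm(e.path), e.seq)
    return first


def behaviour_tags(events: List[Event]) -> List[str]:
    """Return the sorted set of report-style tags the trace supports."""
    events = sorted(events, key=lambda e: e.seq)
    dropped = dropped_paths(events)
    tags = set()
    for e in events:
        p = _norm(e.path)
        # A file only counts as "dropped" if the write precedes its use;
        # a write after execution is a different behaviour (e.g. self-copy).
        written_before = p in dropped and dropped[p] < e.seq
        if e.op == "proc_create" and written_before and p.endswith(".exe"):
            tags.add("Executes dropped EXE")
        elif e.op == "image_load" and written_before and p.endswith(".dll"):
            tags.add("Loads dropped DLL")
        elif e.op == "reg_query" and BIOS_KEY_RE.search(e.path):
            tags.add("Checks BIOS information in registry")
        elif e.op == "reg_query" and GEO_KEY_RE.search(e.path):
            tags.add("Checks computer location settings")
    return sorted(tags)


# Constructed trace: parent 1000 drops a DLL and an EXE into a user-writable
# directory, loads the DLL, launches the EXE, and the child (pid 2000) probes
# the registry. File names are placeholders, not this sample's artefacts.
SAMPLE_TRACE = [
    Event(1, 1000, "file_write", r"C:\Users\Public\stage2.dll"),
    Event(2, 1000, "file_write", r"C:\Users\Public\payload.exe"),
    Event(3, 1000, "image_load", r"C:\Windows\System32\kernel32.dll"),  # system DLL, not dropped
    Event(4, 1000, "image_load", r"C:\Users\Public\STAGE2.DLL"),        # case differs, still a hit
    Event(5, 1000, "proc_create", r"C:\Users\Public\payload.exe"),
    Event(6, 2000, "reg_query", r"HKLM\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer"),
    Event(7, 2000, "reg_query", r"HKCU\Control Panel\International\Geo\Nation"),
]

if __name__ == "__main__":
    for tag in behaviour_tags(SAMPLE_TRACE):
        print(tag)
```

Two details matter when writing rules like this for real telemetry: ordering (a process that starts and then writes its own image path is self-copying, not running a dropped file) and path normalisation (the same file can be written as `stage2.dll` and loaded as `STAGE2.DLL`). The BIOS rule on its own will also fire on installers and hardware-inventory tools, which is why the report's score comes from the combination with the family match rather than from any single tag.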