General
-
Target
662374e99efaa4bbba1ab9acda37b76b81b2b1514059a4708b684e864c94535c
-
Size
2.6MB
-
Sample
221201-es5lcsgf3t
-
MD5
1402135d17a263d7ebe43ee969ac5c07
-
SHA1
3390e5a46080b897cd9385fce1160acdeb556093
-
SHA256
662374e99efaa4bbba1ab9acda37b76b81b2b1514059a4708b684e864c94535c
-
SHA512
29c1b3cfe91832fe7c9d4034653bd46579011d7778b8dbc2fd90215c86190cbe494cbefe2ecf6ab2054a7f9fcfb0db48f79bc473ec641158dab200951f40eeb7
-
SSDEEP
49152:MF1hnLT3M0mLyfechjgA3ZBIsy6+j8rbzarG+crEmUXyNpbxn0k076hS:MFPM0c8echjgIIsy6+WXrtUCrl0kG6hS
Static task
static1
Behavioral task
behavioral1
Sample
662374e99efaa4bbba1ab9acda37b76b81b2b1514059a4708b684e864c94535c.exe
Resource
win7-20220812-en
Malware Config
Targets
-
-
Target
662374e99efaa4bbba1ab9acda37b76b81b2b1514059a4708b684e864c94535c
-
Size
2.6MB
-
MD5
1402135d17a263d7ebe43ee969ac5c07
-
SHA1
3390e5a46080b897cd9385fce1160acdeb556093
-
SHA256
662374e99efaa4bbba1ab9acda37b76b81b2b1514059a4708b684e864c94535c
-
SHA512
29c1b3cfe91832fe7c9d4034653bd46579011d7778b8dbc2fd90215c86190cbe494cbefe2ecf6ab2054a7f9fcfb0db48f79bc473ec641158dab200951f40eeb7
-
SSDEEP
49152:MF1hnLT3M0mLyfechjgA3ZBIsy6+j8rbzarG+crEmUXyNpbxn0k076hS:MFPM0c8echjgIIsy6+WXrtUCrl0kG6hS
Score10/10-
ModiLoader, DBatLoader
ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
-
ModiLoader Second Stage
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-