General
-
Target
f681912ca730e36b770946df9b7fd9483334405984a7eee9cc8897f66d7af8eb
-
Size
690KB
-
Sample
221203-m8vp4ahe3t
-
MD5
3032257edda1791849566825d5ff1d99
-
SHA1
5ddfeda08a32abdbfa9264deb30dd46df74469eb
-
SHA256
f681912ca730e36b770946df9b7fd9483334405984a7eee9cc8897f66d7af8eb
-
SHA512
75dceebcfe39f6c6f57798bd8088560c6e047b2fc374cd18a5f34bd646dd162ae0771143b1bd315686c81a65ff096a4f667539a5f555e8ed718d6d468b72c65b
-
SSDEEP
12288:tzy6rRxEu8H7W5dImEVtQkJjDOGIcI/tGW4yrAtSNGC8fpmDH/tcTA:46rTkqdmVSkByEYr4yAtyb8RmTWE
Malware Config
Targets
-
-
Target
f681912ca730e36b770946df9b7fd9483334405984a7eee9cc8897f66d7af8eb
-
Size
690KB
-
MD5
3032257edda1791849566825d5ff1d99
-
SHA1
5ddfeda08a32abdbfa9264deb30dd46df74469eb
-
SHA256
f681912ca730e36b770946df9b7fd9483334405984a7eee9cc8897f66d7af8eb
-
SHA512
75dceebcfe39f6c6f57798bd8088560c6e047b2fc374cd18a5f34bd646dd162ae0771143b1bd315686c81a65ff096a4f667539a5f555e8ed718d6d468b72c65b
-
SSDEEP
12288:tzy6rRxEu8H7W5dImEVtQkJjDOGIcI/tGW4yrAtSNGC8fpmDH/tcTA:46rTkqdmVSkByEYr4yAtyb8RmTWE
Score10/10-
ModiLoader, DBatLoader
ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
-
ModiLoader Second Stage
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-