General
-
Target
a1d60f185ee6b6513b3b1a177108f0c709e034c2d5391d7f7bbe8f01211c100a
-
Size
260KB
-
Sample
221203-tvjh8sag7t
-
MD5
76950e8e11eb94047b5c6feec894c2f8
-
SHA1
cd965d9bc165941dd90c12e4f96fc724ba613c38
-
SHA256
a1d60f185ee6b6513b3b1a177108f0c709e034c2d5391d7f7bbe8f01211c100a
-
SHA512
4a1642b9898f190f25a96c7fecd91b9d9d3d80895da1faf054233c5348fff8a44d7fc1b82088aa8be9510add68d1fba7356f300e3e0adbbe1dcfb893a55a3908
-
SSDEEP
6144:rfPa7LNn7e13nGt3LFggvqpxpf9UtPPOsqqIC7D:rniNn7IMhzvqpxpf9IPOxo
Malware Config
Targets
-
-
Target
a1d60f185ee6b6513b3b1a177108f0c709e034c2d5391d7f7bbe8f01211c100a
-
Size
260KB
-
MD5
76950e8e11eb94047b5c6feec894c2f8
-
SHA1
cd965d9bc165941dd90c12e4f96fc724ba613c38
-
SHA256
a1d60f185ee6b6513b3b1a177108f0c709e034c2d5391d7f7bbe8f01211c100a
-
SHA512
4a1642b9898f190f25a96c7fecd91b9d9d3d80895da1faf054233c5348fff8a44d7fc1b82088aa8be9510add68d1fba7356f300e3e0adbbe1dcfb893a55a3908
-
SSDEEP
6144:rfPa7LNn7e13nGt3LFggvqpxpf9UtPPOsqqIC7D:rniNn7IMhzvqpxpf9IPOxo
Score10/10-
ModiLoader, DBatLoader
ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
-
ModiLoader Second Stage
-
Modifies Installed Components in the registry
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-