General
-
Target
c1eb5a438ecfb6a536d9b27fac94152105dcac9474415be4d52015d43a1b3c46
-
Size
252KB
-
Sample
221203-zaa91sge6w
-
MD5
a884cae9f497e760fc56a8be39b2a669
-
SHA1
bd94a44dcedd749e528096b62eb05f8f06c39bbd
-
SHA256
c1eb5a438ecfb6a536d9b27fac94152105dcac9474415be4d52015d43a1b3c46
-
SHA512
f6dde0013259b42a3b7d37e37c5fc1e42b0da3df787989db170cb7d940b5e6ceb99c2703843dcb8a6170a7bef0686e3951552226764e4eaf08d2f2ea78941a35
-
SSDEEP
6144:v+sgruPCTXu0+EI8AroFQDDP/m5dNP8ICz7RBoQ9X:DMuPCiNf8uDDodl8Ie7RBoQV
Malware Config
Targets
-
-
Target
c1eb5a438ecfb6a536d9b27fac94152105dcac9474415be4d52015d43a1b3c46
-
Size
252KB
-
MD5
a884cae9f497e760fc56a8be39b2a669
-
SHA1
bd94a44dcedd749e528096b62eb05f8f06c39bbd
-
SHA256
c1eb5a438ecfb6a536d9b27fac94152105dcac9474415be4d52015d43a1b3c46
-
SHA512
f6dde0013259b42a3b7d37e37c5fc1e42b0da3df787989db170cb7d940b5e6ceb99c2703843dcb8a6170a7bef0686e3951552226764e4eaf08d2f2ea78941a35
-
SSDEEP
6144:v+sgruPCTXu0+EI8AroFQDDP/m5dNP8ICz7RBoQ9X:DMuPCiNf8uDDodl8Ie7RBoQV
Score10/10-
ModiLoader, DBatLoader
ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
-
UAC bypass
-
Windows security bypass
-
ModiLoader Second Stage
-
Windows security modification
-
Checks whether UAC is enabled
-
Suspicious use of SetThreadContext
-