General
-
Target
Proforma Invoice is attached.zip
-
Size
326KB
-
Sample
230412-qfh3daea2s
-
MD5
7cdfa893a7698d03d561aa014af1a204
-
SHA1
7b1968fb24d755c15dbd909a3a1f933cb86938f7
-
SHA256
cf21b3b3efe3cbd55364efb0265ce6f7fb69ac38545791d410e98fdacf998462
-
SHA512
32f115f8e55f371523384043f120a3f46fbf8c82365704ecb49df7f1ebfdbfa385751eb81b4b61a6b8524e107c968ec3622de8257a2ca97853fd7cba850a5c74
-
SSDEEP
6144:SZgbpuHNZL+Jz2o95JxrPKunEqO62+Lp7jZ146tZ50DUTHwnzvSD96j6Y2fWPpCH:ugVcmJz/iunEqO62+Lpc6tTTug6G5W8
Static task
static1
Behavioral task
behavioral1
Sample
Fmywfytcpwdmvi.exe
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
Fmywfytcpwdmvi.exe
Resource
win10v2004-20230220-en
Malware Config
Targets
-
-
Target
Fmywfytcpwdmvi.exe
-
Size
707KB
-
MD5
3df32efa05c88263b4ab0001b5b86aca
-
SHA1
aa936331daad999b8561df9163f46c15be8272d4
-
SHA256
94aa407f90054e51d00b6c555ef7b566944290e990f3790bf18579afe0cf60b2
-
SHA512
6702cf703c845f411f34c742b8585ead12d76e7c01dfd075c77bd068a8585b438189b38331d1502d23cbab55aae1daa56afcffdd2242e5838dfd3291aa8cadd4
-
SSDEEP
12288:3lSLbFGyI6Lr4x6xsRzNgBlAU94uq43B2VrNoSv:VuL4xSsRzNgOuTx2VBv
Score10/10-
ModiLoader, DBatLoader
ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
-
ModiLoader Second Stage
-
Adds Run key to start application
-