General
-
Target
03a2cf836e01c4bbda317dff5f0bc869
-
Size
279KB
-
Sample
231229-zmnqwabcc8
-
MD5
03a2cf836e01c4bbda317dff5f0bc869
-
SHA1
9f0746dc4f9698b7b5916f4327bfb50e27ef73d8
-
SHA256
ed68d679c7ebc0a1b23b215cda2d370a0da53ca08a8d296ffda986a434ff6596
-
SHA512
aeb876ed448acd8a11d4d5da22fc92c1d755990bac4ac8935bfd52bd431d4c96a94c517c1d74f62be74a429c3eebc52e3d9d922919de66d8c7e1c0566e14c4db
-
SSDEEP
6144:nR0XMxh2JejPu6nDSCejtRbxZaBwoJjkE5Mx7xSw33V0dLOwm:OXMxhMebBDnSxE7jkIImFdm
Malware Config
Targets
-
-
Target
03a2cf836e01c4bbda317dff5f0bc869
-
Size
279KB
-
MD5
03a2cf836e01c4bbda317dff5f0bc869
-
SHA1
9f0746dc4f9698b7b5916f4327bfb50e27ef73d8
-
SHA256
ed68d679c7ebc0a1b23b215cda2d370a0da53ca08a8d296ffda986a434ff6596
-
SHA512
aeb876ed448acd8a11d4d5da22fc92c1d755990bac4ac8935bfd52bd431d4c96a94c517c1d74f62be74a429c3eebc52e3d9d922919de66d8c7e1c0566e14c4db
-
SSDEEP
6144:nR0XMxh2JejPu6nDSCejtRbxZaBwoJjkE5Mx7xSw33V0dLOwm:OXMxhMebBDnSxE7jkIImFdm
Score10/10-
ModiLoader, DBatLoader
ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
-
ModiLoader Second Stage
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops autorun.inf file
Malware can abuse Windows Autorun to spread further via attached volumes.
-