General

  • Target

    844d8d1d8d8433bcc1c3544710f7c7c4

  • Size

    581KB

  • Sample

    240131-nm5hvadagl

  • MD5

    844d8d1d8d8433bcc1c3544710f7c7c4

  • SHA1

    67d69c458c70a16198053b1907ee23e0127a6129

  • SHA256

    c1e30fb160db896535af7ca663c1efd9dfe1816e61c4fc84e9771ae7b1803df4

  • SHA512

    e16734967ab2ebbe5edbedf824f2367b98f81653a3b05526b066a9d004cb3f17cb25bfba44067e8b3fa8fe0768abc7171ae0bf6d032658f8e69a723e123c6c3a

  • SSDEEP

    12288:HMQd1N/kHl9vKcFw2CM6F3Z4mxxp/N93uDeb3ZIAo:HM+N8Hl9xHCM6QmXpVZu23ho

Score
10/10

Malware Config

Targets

    • ModiLoader, DBatLoader

      ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.

    • ModiLoader Second Stage

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    • Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks