General
Target: 8db1b5fa3d21283c306991a06c1bbf06
Size: 277KB
Sample: 240203-3yhksafahm
MD5: 8db1b5fa3d21283c306991a06c1bbf06
SHA1: 03d3bbe5189653e1ae7066ab02a63737ef52bb3d
SHA256: f4e313e106cbbde6a98c5d2a73dcfe1a5589bec2dea2bbcc322c16b9f4211f19
SHA512: 4788869dcba755f328c3d5b634f0aa17200b3a60fd9d4ec002f6575f9161367f963796cc7bb92db239b3fd7ef7cedc93295ad15823e6bddacd05fdc2b67f25ca
SSDEEP: 6144:cWpIfbek5AyaBaFEeWjFLAFc9u5iCHgOfPCComz:rGfbek5A1Bae539uHHgEaK
Static task: static1
Behavioral task: behavioral1
  Sample: 8db1b5fa3d21283c306991a06c1bbf06.exe
  Resource: win7-20231215-en
Behavioral task: behavioral2
  Sample: 8db1b5fa3d21283c306991a06c1bbf06.exe
  Resource: win10v2004-20231215-en
Malware Config
Targets
- Target: 8db1b5fa3d21283c306991a06c1bbf06 (277KB; MD5, SHA1, SHA256, SHA512 and SSDEEP identical to the General section)
Score: 10/10
- ModiLoader, DBatLoader
  ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
- ModiLoader Second Stage
- Executes dropped EXE
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
- Suspicious use of SetThreadContext