General
-
Target
8b8acd71579d7484a20fc0dd20e3e4ac
-
Size
1.4MB
-
Sample
240203-geh7baadg3
-
MD5
8b8acd71579d7484a20fc0dd20e3e4ac
-
SHA1
2d31584c95fa3eb08b4e60e21e047ebc442db878
-
SHA256
4c5536999650f1c382d692477ab3ed5a825bae4f1286eaf2d4e491697c8ed142
-
SHA512
9e12b76f118550e1b5a5715becd80fc4398b58f47e43d36a673ce229153722a5dd903609e3d81f7ac0c85eb27aba98312fc15e6ef9e9862d1da88a39a19e73fe
-
SSDEEP
24576:Rkeh05raBAXYhj7OVkV1DOpRpvCJnO8xPyTovN+IrIjU0/dmigBY3mcj6ZgAE/Z4:RkXAWoVAkvDOpRpvSxtV+IM5NKkmXZW2
Static task
static1
Behavioral task
behavioral1
Sample
8b8acd71579d7484a20fc0dd20e3e4ac.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
8b8acd71579d7484a20fc0dd20e3e4ac.exe
Resource
win10v2004-20231222-en
Malware Config
Targets
-
-
Target
8b8acd71579d7484a20fc0dd20e3e4ac
-
Size
1.4MB
-
MD5
8b8acd71579d7484a20fc0dd20e3e4ac
-
SHA1
2d31584c95fa3eb08b4e60e21e047ebc442db878
-
SHA256
4c5536999650f1c382d692477ab3ed5a825bae4f1286eaf2d4e491697c8ed142
-
SHA512
9e12b76f118550e1b5a5715becd80fc4398b58f47e43d36a673ce229153722a5dd903609e3d81f7ac0c85eb27aba98312fc15e6ef9e9862d1da88a39a19e73fe
-
SSDEEP
24576:Rkeh05raBAXYhj7OVkV1DOpRpvCJnO8xPyTovN+IrIjU0/dmigBY3mcj6ZgAE/Z4:RkXAWoVAkvDOpRpvSxtV+IM5NKkmXZW2
Score10/10-
ModiLoader, DBatLoader
ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
-
ModiLoader Second Stage
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.
-
Suspicious use of SetThreadContext
-