General

  • Target

    8b8acd71579d7484a20fc0dd20e3e4ac

  • Size

    1.4MB

  • Sample

    240203-geh7baadg3

  • MD5

    8b8acd71579d7484a20fc0dd20e3e4ac

  • SHA1

    2d31584c95fa3eb08b4e60e21e047ebc442db878

  • SHA256

    4c5536999650f1c382d692477ab3ed5a825bae4f1286eaf2d4e491697c8ed142

  • SHA512

    9e12b76f118550e1b5a5715becd80fc4398b58f47e43d36a673ce229153722a5dd903609e3d81f7ac0c85eb27aba98312fc15e6ef9e9862d1da88a39a19e73fe

  • SSDEEP

    24576:Rkeh05raBAXYhj7OVkV1DOpRpvCJnO8xPyTovN+IrIjU0/dmigBY3mcj6ZgAE/Z4:RkXAWoVAkvDOpRpvSxtV+IM5NKkmXZW2

Malware Config

Targets

    • ModiLoader, DBatLoader

      ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.

    • ModiLoader Second Stage

    • Identifies Wine through registry keys

      Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks