General
Target: 8e01c07867ea9bc53ce7a998669c596a
Size: 70KB
Sample: 240204-c4h6dsfdg8
MD5: 8e01c07867ea9bc53ce7a998669c596a
SHA1: 4c6a67a2c597ff3b28be9f5bb4c2093a332f6b7f
SHA256: 21769e7c4bf766854588cf8086c14d5f28fd8796d39ab9056a9dabc0aa2dc83f
SHA512: ccb31203bc5650c35431a3f2d8383be6134bd66293a576690af545bbb91ab4605549f0ce72923dbdff222175f989de3079116490b95c7e39133e1f7fbd006b47
SSDEEP: 768:dIpMZLNL8aaLiyktfkOgRyRj0VDgaeTKjQoaj8fXKSCquMH0GQuJIq5OpBl+gROU:hZLNLalDc6Kmsof1CquMH0GQ2OpBl+
Behavioral task: behavioral1
Sample: 8e01c07867ea9bc53ce7a998669c596a.exe
Resource: win7-20231215-en
Behavioral task: behavioral2
Sample: 8e01c07867ea9bc53ce7a998669c596a.exe
Resource: win10v2004-20231215-en
Malware Config
Targets
Target: 8e01c07867ea9bc53ce7a998669c596a
Score: 10/10
ModiLoader, DBatLoader: ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
ModiLoader Second Stage
Deletes itself
Executes dropped EXE
Loads dropped DLL
Enumerates connected drives: Attempts to read the root path of hard drives other than the default C: drive.
Drops file in System32 directory