General
-
Target
8e2d738acd73a7bbcc2e2dec8c36f1e1
-
Size
628KB
-
Sample
240204-ephbnahda2
-
MD5
8e2d738acd73a7bbcc2e2dec8c36f1e1
-
SHA1
6d932eae1f0a18fe0a704f204bbdae5812a4a8c3
-
SHA256
1aa595344ad4c8d5c526bf404e0364f910326647963745b702cc5fde9c689d9e
-
SHA512
8f6beb8e380d076ae766dceae2565ac0f79a2a96e08e66046f0a58a99a3ffb3dbdf338fd4046da0409f6eaa2fb112b9045a077367d2166c60457492518bf86d0
-
SSDEEP
12288:5IgoJG4mXNsEc7RcsfS8udk8tF3Z4mxxDoEtlK+kt9T2MkmoPX+:iVjmXWEEWnhtQmX0GZm
Static task
static1
Behavioral task
behavioral1
Sample
8e2d738acd73a7bbcc2e2dec8c36f1e1.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
8e2d738acd73a7bbcc2e2dec8c36f1e1.exe
Resource
win10v2004-20231215-en
Malware Config
Targets
-
-
Target
8e2d738acd73a7bbcc2e2dec8c36f1e1
-
Size
628KB
-
MD5
8e2d738acd73a7bbcc2e2dec8c36f1e1
-
SHA1
6d932eae1f0a18fe0a704f204bbdae5812a4a8c3
-
SHA256
1aa595344ad4c8d5c526bf404e0364f910326647963745b702cc5fde9c689d9e
-
SHA512
8f6beb8e380d076ae766dceae2565ac0f79a2a96e08e66046f0a58a99a3ffb3dbdf338fd4046da0409f6eaa2fb112b9045a077367d2166c60457492518bf86d0
-
SSDEEP
12288:5IgoJG4mXNsEc7RcsfS8udk8tF3Z4mxxDoEtlK+kt9T2MkmoPX+:iVjmXWEEWnhtQmX0GZm
Score10/10-
ModiLoader, DBatLoader
ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
-
ModiLoader Second Stage
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-
Suspicious use of SetThreadContext
-