General

  • Target

    dd9673695362e5a835c29384df7d7454

  • Size

    714KB

  • Sample

    240325-kl3fbabd98

  • MD5

    dd9673695362e5a835c29384df7d7454

  • SHA1

    34e74ff46c36db6c91674bc4f0cf0f9e5d8914f2

  • SHA256

    c265a7b9eca7be371801cf9f11e9b346e2e6e0671c5b590eca25c84a3c5e5760

  • SHA512

    6a06e1e24a8caef242dc0452226688752d60859397416210fa7b4a3600af870b3b8518c55a97c86f7515baf1da8c4cbd8718d8943ccbe7394a4c928db21890bb

  • SSDEEP

    12288:WOQ+AYWe2b1AGyzijgkguO4HvolGWMIwgWj+9b:WPxYjJinvqMIDWj2b

Score
10/10

Malware Config

Targets

    • ModiLoader, DBatLoader

      ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.

    • ModiLoader Second Stage

    • Drops file in System32 directory

    • Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks