General
- Target: Build1.exe
- Size: 18KB
- Sample: 240505-n3ktdace54
- MD5: a4b14b3833555e5a0687838bbea8553d
- SHA1: fb2a65cd531bfb47023ce37dea1bae4e6f572ba3
- SHA256: b4235f7583ae798d313b878ad9639a5646c04b45a1d9f43d1fa09c37163c6e78
- SHA512: 1ca5731abd0c157747e0df0a112b6ca9698937fef6e3d37d5608e1ad5292a68ba330a7cb809149e69ed02b5ff3e093cebeb965fb3f1b797a25d8134de968cb96
- SSDEEP: 384:rEw7wknHOYXQdhLGPvCaV4pLS7OGQ8xy1Czcx4qhne:rEw7wkHOYEGPvCaV4pLzb1fx4
Behavioral task: behavioral1
- Sample: Build1.exe
- Resource: win7-20240220-en
Behavioral task: behavioral2
- Sample: Build1.exe
- Resource: win10v2004-20240419-en
Malware Config
Targets
- Target: Build1.exe (size and hashes as listed under General)
Score: 10/10
Signatures
- ModiLoader, DBatLoader: ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
- ModiLoader Second Stage
- Checks computer location settings: looks up the country code configured in the registry, likely a geofence.
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application