General
Target: c9fa5ed936b3c7dde4c90b453c9bc95f08beb8d06af8e59dc02f4526b7fee017
Size: 922KB
Sample: 240614-ckzc9svgkn
MD5: d6f648d2046bf63db2ea18c19c84750e
SHA1: c01dffabea9454d9fc3bbf2d574e651dbd9c7331
SHA256: c9fa5ed936b3c7dde4c90b453c9bc95f08beb8d06af8e59dc02f4526b7fee017
SHA512: 4721d0f87455a1985b78c8f5631860c5dc0cdc42ec98180f1dbb9ad410caed15299622b7186482709b428c17f2582fd65b16f05489a9d6dca2bf5fbe92cfea6f
SSDEEP: 24576:4ZOFqSJkI8JEpaOsnhKemMKeNhGgCqnThNV:4ZOFqSJ0s9ReswRJndP
Static task: static1
Behavioral task: behavioral1
Sample: invoice_569685.cmd
Resource: win7-20240508-en
Behavioral task: behavioral2
Sample: invoice_569685.cmd
Resource: win10v2004-20240508-en
Malware Config
Targets
Target: invoice_569685.cmd
Size: 3.2MB
MD5: a44d0923af9248d5844169ae5e465b5d
SHA1: 9478acd0c7c630a51ec64a553a135a3f50d135bb
SHA256: 7d2e08e27b338c8a834d696def4ff2f541e6b19e4d550f42b5c5423fb455e56a
SHA512: 1035a085fb6c5f94347048433a5b2c78ff23ffff69bcca9114ad4f9e36ea048022652a8234f54912e5ee1c372c66dae6a5d4d4c60fdae2c1d3347abb7a3b2faf
SSDEEP: 49152:6oxyJptV+hMsrY2Dp1wrmaKY4L/A2v7380MG3LFQzPLDgV4R:K
Score: 10/10
ModiLoader, DBatLoader
ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
ModiLoader Second Stage
Executes dropped EXE
Loads dropped DLL
Legitimate hosting services abused for malware hosting/C2