General
Target: Desktop.zip
Size: 434KB
Sample: 240909-bkbfrsvblk
MD5: ac596e64b4533c5e72acc9b2a7b64475
SHA1: 9aa93d7c6c40d116c47b5b5121198e45b18dbc45
SHA256: 1570bcbbbf04d1ea40a11eb746494f190ebdd41a1d209303c53b1f9c8bae5751
SHA512: c871fe2722e4168ad448db06e2be761974eb2d53b2529ca1a629b74fb15e1b3bc1e08f38221807d19e086b73b1819b6bf6965f6a1f9329567e624779b5c363a4
SSDEEP: 6144:B4YmeOpiE3zzDUls5DrSz/Cw6qaQACCv5Efcts33vnDtrqZH3btyKE7k2c7RePFt:O64zztrSz6wPZCEfB31CrMQltet1P
Static task: static1
Behavioral task: behavioral1
  Sample: 1.exe
  Resource: win7-20240708-en
Behavioral task: behavioral2
  Sample: 2.exe
  Resource: win7-20240903-en
Malware Config

Targets

Target: 1.exe
Size: 291KB
MD5: a20bd00f9ac293e34d67738b43d0ae47
SHA1: 0282ff8500571f33d7aed3385bcf910bae2a27e7
SHA256: dcbb50308915cee5abd5b3b8dfb09d0ef2b73b9e26c7138a3c5ef21bc50bb1b5
SHA512: 1c348c07113a5bbab4f977b27c5b37146f1ed535f563d8f65b605eb03efb68f31979b02d96db21e01c249cc273c91a21d17fe3d2bc22c53ecdafa40d8ab46336
SSDEEP: 6144:NgDjBNlri63RBDUls5DrIzHCcB/6zA2CvdEpct0yrbcrUpsj02:NgDVNkeRBtrIzic0zjwEpVyPcwpsg2
Score: 10/10
Signatures:
- ModiLoader, DBatLoader: ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
- ModiLoader Second Stage
- Enumerates connected drives: Attempts to read the root path of hard drives other than the default C: drive.
- Drops autorun.inf file: Malware can abuse Windows Autorun to spread further via attached volumes.
Target: 2.com
Size: 163KB
MD5: 9c92880c6a4f7f5127a69d93df0f87c7
SHA1: 22c011054cdff107a0d5275b3cee85fa61848c57
SHA256: 77c336f9db444c7b41577cf1fd4f98a1649f50941d29d14b93988c937a99ff78
SHA512: d53f91c591eaec61c2010909acdc61ddcd73bd5b6d024bbcf1626fffdf5124f691caf0ff8765aaa6e8401689767aeea8e9a187c31e28be02b71c3e1e585b5703
SSDEEP: 3072:Izu1Poh4PUC94RGjiirzWekkE7alCBcE0/BDe7jZxdDNAL:awoh4P7ryyE702c7NePFD
Score: 3/10