General
-
Target
b8a7e1135818fa4dbb26b1f50f96c01b8f7793467543769c18c0dd48fbedaf25N
-
Size
1.3MB
-
Sample
240919-1v56katarl
-
MD5
e6c8fa729ebd280d8694f77f6d08de50
-
SHA1
7516a7e670c93093e9094f92a4ed884e92064f1f
-
SHA256
b8a7e1135818fa4dbb26b1f50f96c01b8f7793467543769c18c0dd48fbedaf25
-
SHA512
cf2e396eecb8176277cf971416d543de89090640ffdb6e2a1a65b542a0562d1590b978636aa5a3ce3819a56d160bd9caea002678791cc1ff2da34d7e0ea9eaf8
-
SSDEEP
24576:FXSC2KWXvuiq+kgJLjezttWAkynzZdaWF084N4232jO4c:0C2DXWiq+kVzzpK/N3g
Behavioral task
behavioral1
Sample
b8a7e1135818fa4dbb26b1f50f96c01b8f7793467543769c18c0dd48fbedaf25N.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
b8a7e1135818fa4dbb26b1f50f96c01b8f7793467543769c18c0dd48fbedaf25N.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
b8a7e1135818fa4dbb26b1f50f96c01b8f7793467543769c18c0dd48fbedaf25N
-
Score
10/10
-
ModiLoader, DBatLoader
ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
-
ModiLoader Second Stage
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Drops desktop.ini file(s)
-