General
Target: 30102024_1558_x.exe
Size: 1.0MB
Sample: 241030-teym8awhnc
MD5: b67d69965c95d0f1ffba93e43531429e
SHA1: e2177031464a752896b84998404d644ec5282551
SHA256: b117c283d763848b58241b0012fde63a571306946d9fa435949d98a8c9774161
SHA512: 76df3a575c29b1b015cd456ce305830cf4ad4d2e4877a069bc26f5fe143e64e8c55e28c84a5860f70fd6a1d105620ecd1ff16b5d6b725c81fcbc3f17dc6adae6
SSDEEP: 24576:ZVb5KPAdOzVmG3zd+SIDT8Jf3pbV13Jks:ZVhOhd+SI8t5X
Static task: static1
Behavioral task: behavioral1
Sample: 30102024_1558_x.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: 30102024_1558_x.exe
Resource: win10v2004-20241007-en
Malware Config
Targets
Target: 30102024_1558_x.exe
Score: 10/10
ModiLoader, DBatLoader
ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
Modiloader family
ModiLoader Second Stage
Executes dropped EXE
Adds Run key to start application
Suspicious use of SetThreadContext