General

  • Target

    41e84e7b411f56956027cd6dc773bb7bd073f5c0357defea81b846a960a28f67.exe

  • Size

    1.0MB

  • Sample

    241031-crlqraymfp

  • MD5

    d62a0171b7aaf2205f0dd4c420876ec9

  • SHA1

    198dced8c35fcc0e25fdf2d44b48e8550c5cfa46

  • SHA256

    41e84e7b411f56956027cd6dc773bb7bd073f5c0357defea81b846a960a28f67

  • SHA512

    bd822e778b29cd55bff3b7a679c7e13cd994aa3d9d6b3e79f40c0b5ac35894a048cb82d4f79ba8427c374550ac121f73abbcb31e3ac1b3ae922eca2e2b63e249

  • SSDEEP

    24576:ZVb5KPAdOzVmG3zd+iIDT8Jf3pbV13Jks:ZVhOhd+iI8t5X

Malware Config

Targets

    • ModiLoader, DBatLoader

      ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.

    • Modiloader family

    • ModiLoader Second Stage

    • Legitimate hosting services abused for malware hosting/C2

MITRE ATT&CK Enterprise v15

Tasks