General
Target: USD470900_COPY_800BLHSBC882001.PDF.tar.gz
Size: 1002KB
Sample: 241119-rv1reaxgrp
MD5: 8d2ef1e5832c1347adbce77da23dd85b
SHA1: cd2d2fd4445567a6acc7ba0d5e88e9a12c1283f7
SHA256: 5d8e6414c7ee9bf8b314ceb9b2947743d97f5ca6eea088386d9d0dbe2c8c04bf
SHA512: d8f9814e445a18b5b03fb3931fee5146f05fc8933fabc8e552dadf59b03874079b416f7f9398b65f6942aad4c2a3c46f559f0838f1425d5606aef587b1a9fd50
SSDEEP: 24576:Mrecoibwo7v+znqvsjpy/3mK4MU5j/WCy+YxD+Ga:Mr1oCwYvGnuTPmFv0D+YxDQ
Static task: static1
Behavioral task: behavioral1
Sample: USD470900_COPY_800BLHSBC882001.PDF.bat
Resource: win7-20241023-en
Behavioral task: behavioral2
Sample: USD470900_COPY_800BLHSBC882001.PDF.bat
Resource: win10v2004-20241007-en
Malware Config
Targets
Target: USD470900_COPY_800BLHSBC882001.PDF.bat
Size: 3.2MB
MD5: c96743116088d21b52516f16f4866f69
SHA1: 9b9d500993f74ed975945419b6a25c03e80d8400
SHA256: 58348cc94b984ca026fa0a319b93ac988a394ed3d5ec39c01c47a8e762ebdb16
SHA512: 1a7520b8de10e9fb71f18f22287e298f25743a26ea946e71fb3b895bb8679f86986fe2b0ec30a0d7589cd85af404eca27d8ccf2a47f895f9c166c55660a8edd0
SSDEEP: 24576:PdLbg3tuCmhfOs2TLie3m0nKaf5ohA87eR4xGVPTXJF7wb2l+qCWuj8lzoQjJpcp:PR03turhfwL8uJFlEoNZHk
Score: 10/10
Family: ModiLoader, DBatLoader
ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
Signatures
- Modiloader family
- ModiLoader Second Stage
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application