General
-
Target
cba2f888e4d9246e11708dd4cf62cc4eed645abd37ec7cda5ee278b76d21a377.exe
-
Size
90KB
-
Sample
241222-gbhflswlhm
-
MD5
568191ff4d42f3b4e07c846000396d53
-
SHA1
a00dcd3c927796699210b90f2b26b0994b176b28
-
SHA256
cba2f888e4d9246e11708dd4cf62cc4eed645abd37ec7cda5ee278b76d21a377
-
SHA512
62cb24feaa515846fcb03674b8b9cc6b86117d889c7dfc6431611681df3eb97d98080f6ab1adeaad779511150a10647830d66ba2d28f2730fd89663a09f85b04
-
SSDEEP
1536:UiYwjQt6QJvzZsgDIWzm/xsXfv+hYhyQQyV5uv4JBrB7w5VRGulTG1ZCL8nj1oDM:0wjZQJvzZsgsW6/Afv+hYfQIm4/rdE3K
Behavioral task
behavioral1
Sample
cba2f888e4d9246e11708dd4cf62cc4eed645abd37ec7cda5ee278b76d21a377.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
cba2f888e4d9246e11708dd4cf62cc4eed645abd37ec7cda5ee278b76d21a377.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
cba2f888e4d9246e11708dd4cf62cc4eed645abd37ec7cda5ee278b76d21a377.exe
-
Size
90KB
-
MD5
568191ff4d42f3b4e07c846000396d53
-
SHA1
a00dcd3c927796699210b90f2b26b0994b176b28
-
SHA256
cba2f888e4d9246e11708dd4cf62cc4eed645abd37ec7cda5ee278b76d21a377
-
SHA512
62cb24feaa515846fcb03674b8b9cc6b86117d889c7dfc6431611681df3eb97d98080f6ab1adeaad779511150a10647830d66ba2d28f2730fd89663a09f85b04
-
SSDEEP
1536:UiYwjQt6QJvzZsgDIWzm/xsXfv+hYhyQQyV5uv4JBrB7w5VRGulTG1ZCL8nj1oDM:0wjZQJvzZsgsW6/Afv+hYfQIm4/rdE3K
Score10/10-
ModiLoader, DBatLoader
ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
-
Modiloader family
-
ModiLoader Second Stage
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-