MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 8434f255441cd348a87ee9886f4000000f75e98ade5caf0b9e53f8c3f213b45a. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry

ModiLoader

Vendor detections: 3

Intelligence 3 IOCs YARA File information Comments

SHA256 hash:	8434f255441cd348a87ee9886f4000000f75e98ade5caf0b9e53f8c3f213b45a
SHA3-384 hash:	9087ccca0afb76c509c162ce882e4d2aabcdcc7b60b39a80319891ef0b5df434e8d395833eabe0d0be9db2e12a0e27d1
SHA1 hash:	81d77721b6c9ac628b6d011b46998ff05edb19e6
MD5 hash:	81ab0e356104e7e8abae1e7417427fa0
humanhash:	steak-neptune-enemy-wolfram
File name:	Νέα παραγγελία.zip
Download:	download sample
Signature	ModiLoader Create hunting rule
File size:	1'195'828 bytes
First seen:	2020-08-18 07:38:12 UTC
Last seen:	Never
File type:	zip
MIME type:	application/zip
ssdeep	24576:975myArIQg4Y9eyg/op6HrMX1T0hjesKbh2rzJ9xpclpo2m9da:HyIQPKeyg/86gFT0XrzXwllmXa
TLSH	C245330A9C6416C5FCEEEE774606092ED8FE9D28EC5ADD2CEE38CBF8443510709B6519
Reporter	abuse_ch
Tags:	geo GRC ModiLoader zip

abuse_ch

Malspam distributing ModiLoader:

HELO: server.dortgyazilim.com
Sending IP: 37.123.97.174
From: servisteel@metka.gr
Subject: Re: Re: Νέα παραγγελία
Attachment: Νέα παραγγελία.zip (contains "Jnobsbh_Signed_.exe")