MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 d24ec4174c05def71b13957a3ffaed85f1a298cc23a8045a0367212bfc557418. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



ModiLoader


Vendor detections: 2



SHA256 hash: d24ec4174c05def71b13957a3ffaed85f1a298cc23a8045a0367212bfc557418
SHA3-384 hash: 2934b0d09e26678da720fe1430a7a94a178e9eaa5466900c597456c7a87b6df25d6b1c8390e43cebca7de414b6b10803
SHA1 hash: c6fffd3327f2d687d00e94adcf8c5779c4a253be
MD5 hash: af370d1aee214714fe80c9a99d3ce574
humanhash: dakota-florida-spring-papa
File name: Scan_quaxgdx_Signed.img
Signature: ModiLoader
File size: 1'638'400 bytes
First seen: 2020-10-21 08:50:52 UTC
Last seen: Never
File type: img
MIME type: application/x-iso9660-image
ssdeep: 12288:/hVKeF40BRicbRToD1whMmvlThTD3mG91gX2jU6vG4fMsdF6eID:/hU0RicG6b9T17mG9uX2NGDkF6zD
TLSH: 7C756C627390C332D072C6B9CC5EA6797599FE40ED287846F7AC7D4A6F35E81242B243
Reporter: abuse_ch
Tags: img ModiLoader


abuse_ch
Malspam distributing ModiLoader:

HELO: mail.chequedejeuner.ro
Sending IP: 89.238.212.69
From: Alexandru Incze <aincze_norman@safetysuppliesdirect.co.uk>
Reply-To: Alexandru Incze <aincze_norman@safetysuppliesdirect.co.uk>
Subject: For Your Kind Attention - Kindly Advise on Availability of Listed Materials
Attachment: Scan_quaxgdx_Signed.img (contains "Scan_quaxgdx_Signed_.bat")

Intelligence


File Origin
# of uploads: 1
# of downloads: 72
Origin country: n/a
Vendor Threat Intelligence
Please note that we are no longer able to provide a coverage score for Virus Total.

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Malspam

ModiLoader

img d24ec4174c05def71b13957a3ffaed85f1a298cc23a8045a0367212bfc557418 (this sample)

Dropping: ModiLoader
Delivery method: Distributed via e-mail attachment

Comments