General

  • Target

    0f559c7ea254285bab84e60d2a5e8037

  • Size

    922KB

  • Sample

    211210-rwallsacdm

  • MD5

    0f559c7ea254285bab84e60d2a5e8037

  • SHA1

    388cfbde34fcc37f5f334ef39d29b5f3e655fed0

  • SHA256

    2cbccb76adf567a82d9d6fcbf7a6c02bce157e1870df149af7391b20b9fdc672

  • SHA512

    9184568937a92cd99d4dc2981dae9bdad139781a1bce87c553b9dad6052654531f2f9ebfc72977e00d2bd4b24a11671317e5cd778150c5a915ec87b739b77ef0

Score
10/10

Malware Config

Targets

    • ModiLoader, DBatLoader

      ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.

    • ModiLoader First Stage

    • ModiLoader Second Stage

    • Executes dropped EXE

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v6