General

  • Target: 5f151c5ffba68f39fc72de02d40005063ac18a975603ee2a42bd32571a56a75f
  • Size: 1MB
  • Sample: 220420-ewkelafdbl
  • MD5: 3112e3d3d3d97c54cf011ea5dd15e563
  • SHA1: 3a40515aedaae14026ec6ebbee8e8cbf95a794ce
  • SHA256: 5f151c5ffba68f39fc72de02d40005063ac18a975603ee2a42bd32571a56a75f
  • SHA512: 7555bd105c72a1a0ef595eed192b625cd9bb622e59ce26c0ac74f0fe1b44bb3db68ecf7d0f7251ea043192c4359c1da1171089d1b28f2aa2ce4c2ec41cdbd284

Score: 10/10

Malware Config

Extracted

  • Family: modiloader
  • C2: https://cdn.discordapp.com/attachments/762895490362638339/771588549140807691/Sxzucos

Targets

    • ModiLoader, DBatLoader

      ModiLoader is a Delphi-based loader that abuses legitimate cloud services to download additional malware families.

    • ModiLoader First Stage

    • Legitimate hosting services abused for malware hosting/C2

MITRE ATT&CK Matrix ATT&CK v6

  • Command and Control: Web Service, T1102 (1)

Tasks