Overview

overview

10

Static

static

Scan01Orde...df.exe

windows7_x64

10

Scan01Orde...df.exe

windows10-2004_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    e913ad1ba012af8eb0ce8b48d9a447946693799982c3e9745a3f2c8f7b05d12b

  • Size

    392KB

  • Sample

    220521-xemgqsbef7

  • MD5

    311dcdc7d947bdbecb9ec1e38e4ab98a

  • SHA1

    64244f521842ddc225c5d022f7583105fce6e4e2

  • SHA256

    e913ad1ba012af8eb0ce8b48d9a447946693799982c3e9745a3f2c8f7b05d12b

  • SHA512

    787b6f7386cf988717300ad71684e0946f3110bda514bfd37bd706274d5c1bc05db131738242ca4d3b2305ec8d594972941abbbeb9523419802468aeac4d4f0f

Score
10/10
modiloadertrojan

Malware Config

Targets

    • Target

      Scan01OrderAugust-pdf.exe

    • Size

      758KB

    • MD5

      ee716f3b1e68c21aebb1ae5a77e7ce76

    • SHA1

      a47b302b129342bfdc356de946a8e13d026d88b3

    • SHA256

      53136d19559089e0674af4ad81621b99a031741edcc486eb3d402fd180b1b77e

    • SHA512

      d958bca671d9dcd2502f25911274ebb262c77c5fb89c2909b276d08a5d9051de50b336120afcb7867ef55ee3dcdef837fea4b0d9fbec086cbf22fb5d2197c40b

    Score
    10/10
    modiloadertrojan

    • ModiLoader, DBatLoader

      ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.

      trojanmodiloader

    • ModiLoader First Stage

    • Legitimate hosting services abused for malware hosting/C2

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Web Service

1
T1102

Impact

Tasks