Overview

overview

10

Static

static

3e4dc9e33a...b5.exe

windows7-x64

10

3e4dc9e33a...b5.exe

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    3e4dc9e33a1b3bc675e60584d9b253e7cea0c2c96301e52311ff8265052d52b5

  • Size

    1.2MB

  • Sample

    220919-gzv2lsbfg3

  • MD5

    36329453b2053b66e29f1f22dc78428b

  • SHA1

    4bb82d97d6fde11ccc3bba4b82702d0b3559b11a

  • SHA256

    3e4dc9e33a1b3bc675e60584d9b253e7cea0c2c96301e52311ff8265052d52b5

  • SHA512

    a145b09306920959675392b2283380e3f722a1d23ce358f401d713f8c69b11830cbc2f70723c837c735794715115b3516d5f51b6e4763cd7c18b802839b5fa5c

  • SSDEEP

    24576:GTvb55rW5KOzgFr5vlFJxCps95h9yApCGJRQzI2x:e1gLEVCpzwbJRuIu

Score
10/10
modiloaderaspackv2trojan

Malware Config

Targets

    • Target

      3e4dc9e33a1b3bc675e60584d9b253e7cea0c2c96301e52311ff8265052d52b5

    • Size

      1.2MB

    • MD5

      36329453b2053b66e29f1f22dc78428b

    • SHA1

      4bb82d97d6fde11ccc3bba4b82702d0b3559b11a

    • SHA256

      3e4dc9e33a1b3bc675e60584d9b253e7cea0c2c96301e52311ff8265052d52b5

    • SHA512

      a145b09306920959675392b2283380e3f722a1d23ce358f401d713f8c69b11830cbc2f70723c837c735794715115b3516d5f51b6e4763cd7c18b802839b5fa5c

    • SSDEEP

      24576:GTvb55rW5KOzgFr5vlFJxCps95h9yApCGJRQzI2x:e1gLEVCpzwbJRuIu

    Score
    10/10
    modiloaderaspackv2trojan

    • ModiLoader, DBatLoader

      ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.

      trojanmodiloader

    • ModiLoader Second Stage

    • ASPack v2.12-2.42

      Detects executables packed with ASPack v2.12-2.42

      aspackv2

    • Executes dropped EXE

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks