Overview

overview

10

Static

static

0deba358be...fc.exe

windows7-x64

10

0deba358be...fc.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    0deba358beb36c517c69c88cf0d186f40a028ca4cc3528978f6cc9f34ceefafc

  • Size

    544KB

  • Sample

    221003-3vfxsacgep

  • MD5

    61584f3fce0bf125d9d0f990f649fac0

  • SHA1

    32161dc065cc6598d39de5d80fe38c02e89a0e5d

  • SHA256

    0deba358beb36c517c69c88cf0d186f40a028ca4cc3528978f6cc9f34ceefafc

  • SHA512

    85c7d3ca92b3b8f9abb39477281a9263c33a09399254c59f17360d668212d3227f49991670ea7f8a02042f1925427cd074d2b23b1d8bd9f0d2f7188a87a1ada2

  • SSDEEP

    6144:Qjbeizt9nsp71eytJZCDimN18FAiF2idZecnl20lHRxp3gmncduD7yB9VCO6ScoH:QugzWtSj1v+F3Z4mxxlDqVTVOC

Score
10/10
modiloaderpersistencetrojan

Malware Config

Targets

    • Target

      0deba358beb36c517c69c88cf0d186f40a028ca4cc3528978f6cc9f34ceefafc

    • Size

      544KB

    • MD5

      61584f3fce0bf125d9d0f990f649fac0

    • SHA1

      32161dc065cc6598d39de5d80fe38c02e89a0e5d

    • SHA256

      0deba358beb36c517c69c88cf0d186f40a028ca4cc3528978f6cc9f34ceefafc

    • SHA512

      85c7d3ca92b3b8f9abb39477281a9263c33a09399254c59f17360d668212d3227f49991670ea7f8a02042f1925427cd074d2b23b1d8bd9f0d2f7188a87a1ada2

    • SSDEEP

      6144:Qjbeizt9nsp71eytJZCDimN18FAiF2idZecnl20lHRxp3gmncduD7yB9VCO6ScoH:QugzWtSj1v+F3Z4mxxlDqVTVOC

    Score
    10/10
    modiloaderpersistencetrojan

    • ModiLoader, DBatLoader

      ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.

      trojanmodiloader

    • ModiLoader Second Stage

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks