modiloader | 70a27beb08cdb5734f4e3fe42c308023aaac9bc13ed983f791dae1fd775139ad | Triage

Sharing

Copy URL Twitter E-mail

General

Target

70a27beb08cdb5734f4e3fe42c308023aaac9bc13ed983f791dae1fd775139ad
Size

61KB
Sample

221123-3l2g5afh9x
MD5

52cbe58d46b656ac029563b7eafcdb21
SHA1

7747356b21096090e6c84aa2bd5df7f31f1738ec
SHA256

70a27beb08cdb5734f4e3fe42c308023aaac9bc13ed983f791dae1fd775139ad
SHA512

b1967b4c95b10fb72f30801dce24e2bdc0ac0a1bc1cfb15341c1eadf6c19afb538b2a045787846eaba5cb4595fac2b58285e21514771e8c264f98939b18839c1
SSDEEP

768:QI3SrvT7gloq+zTgvwefMmKRHwueAZypfCXGjbMCpRYiY4J1WC:QXvAlo3cwefM2lwsfCWjdeiLJ1WC

Score

10^/10

modiloader

Malware Config

Targets

- Target
  
  70a27beb08cdb5734f4e3fe42c308023aaac9bc13ed983f791dae1fd775139ad
- Size
  
  61KB
- MD5
  
  52cbe58d46b656ac029563b7eafcdb21
- SHA1
  
  7747356b21096090e6c84aa2bd5df7f31f1738ec
- SHA256
  
  70a27beb08cdb5734f4e3fe42c308023aaac9bc13ed983f791dae1fd775139ad
- SHA512
  
  b1967b4c95b10fb72f30801dce24e2bdc0ac0a1bc1cfb15341c1eadf6c19afb538b2a045787846eaba5cb4595fac2b58285e21514771e8c264f98939b18839c1
- SSDEEP
  
  768:QI3SrvT7gloq+zTgvwefMmKRHwueAZypfCXGjbMCpRYiY4J1WC:QXvAlo3cwefM2lwsfCWjdeiLJ1WC
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2