modiloader | 1988318391a2a470290f7bfde5c6ef2a1f8d67461dac019b9a6af65fdfe77c01 | Triage

Sharing

General

Target

1988318391a2a470290f7bfde5c6ef2a1f8d67461dac019b9a6af65fdfe77c01
Size

38KB
Sample

221123-3l4bqacg46
MD5

16b48000f29c673acff6edf9dc00da1a
SHA1

ab1ce71c858de5103b9609072f8b8cfb5d29905f
SHA256

1988318391a2a470290f7bfde5c6ef2a1f8d67461dac019b9a6af65fdfe77c01
SHA512

a3c193c23bd9e590e2766fe3658a0385c5921084e10f5d92d9167847a6f657502bde8b2de8289485825dc4a5ae333b9c5f829ca1131bfd9b889a30acf5376d70
SSDEEP

384:uef57+f2a/zf+C0bxnunr5i7n2FbtauavQz9ygh:tI3/bUVnunrZFKYzc

Score

10^/10

modiloader

Malware Config

Targets

- Target
  
  1988318391a2a470290f7bfde5c6ef2a1f8d67461dac019b9a6af65fdfe77c01
- Size
  
  38KB
- MD5
  
  16b48000f29c673acff6edf9dc00da1a
- SHA1
  
  ab1ce71c858de5103b9609072f8b8cfb5d29905f
- SHA256
  
  1988318391a2a470290f7bfde5c6ef2a1f8d67461dac019b9a6af65fdfe77c01
- SHA512
  
  a3c193c23bd9e590e2766fe3658a0385c5921084e10f5d92d9167847a6f657502bde8b2de8289485825dc4a5ae333b9c5f829ca1131bfd9b889a30acf5376d70
- SSDEEP
  
  384:uef57+f2a/zf+C0bxnunr5i7n2FbtauavQz9ygh:tI3/bUVnunrZFKYzc
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2