Overview

overview

10

Static

static

java.exe

windows7-x64

10

java.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    8f01c9abb0d4ccb6a1791ce880262f4cd205e0a3ee3c7a5ca9cc92694c1e179d

  • Size

    363KB

  • Sample

    221123-x6cfvaca8w

  • MD5

    77e4dcde656c6694ea7e8740c6e7d6fd

  • SHA1

    ee96de5e7b014d9deae3e87133d739238bf4aba7

  • SHA256

    8f01c9abb0d4ccb6a1791ce880262f4cd205e0a3ee3c7a5ca9cc92694c1e179d

  • SHA512

    7011887d56dc775002f395e5a79b2058e4d200502e07404050a89dc62869a17f2a21677a5d6c54ee9226af4177835a3c2930b9e9f803119fa09bc7da8b27c606

  • SSDEEP

    6144:QLsuQ6urGg2wne828sShVUgXjgc3kSWvyiMESWT5MLo8Xb0utMDFl:OS2wne8zm1c3kSWvyiMMT5MLoWbN+Fl

Score
10/10
modiloadertrojan

Malware Config

Targets

    • Target

      java.exe

    • Size

      380KB

    • MD5

      1ab27b63c1a49193f4b2f1f9554ca91b

    • SHA1

      a746201024f0cd21e1d10f4d435510e3f4de33d2

    • SHA256

      a644f4644a53319c1acefcd761d046e98a480f291ac0649f540a80dab570a237

    • SHA512

      03d41630e4d4cae5058ad3e9080e53e1657c1f1bae2503410551656cbc1e575b06f8828189ead40e1f96eb7a85bb5e292f2ebea952cc362a7ef6c61d7c2a9af5

    • SSDEEP

      6144:Hk8u7jp9fQ6u+JUuWj2bL30ct3PUgXjgc/kS8vyiYESWT5kLo8Xb0FAFnQslaHu3:UplTUJ2bLkct3s1c/kS8vyiYMT5kLoWt

    Score
    10/10
    modiloadertrojan

    • ModiLoader, DBatLoader

      ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.

      trojanmodiloader

    • ModiLoader Second Stage

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks