Overview

overview

10

Static

static

8

4b048bbef7...0b.exe

windows7-x64

10

4b048bbef7...0b.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    4b048bbef798d81e07cbfb3f94b2b89e565b62028ac404dce86eb88e12c5270b

  • Size

    472KB

  • Sample

    221124-d7mteseg64

  • MD5

    df9bdeba1578849cdb82f8edf96f3ff6

  • SHA1

    dfc9e07687558ecf349e1183c866c5ba288fe4c1

  • SHA256

    4b048bbef798d81e07cbfb3f94b2b89e565b62028ac404dce86eb88e12c5270b

  • SHA512

    d9d3759ba20d2dfd7485a891b36fdb013cec8d29772cc84e5ac13dc8cdecb03bc10d46699dbc6d20cb6b34da6acfdb9e51a60188a160f642beca07a85bebcb4b

  • SSDEEP

    6144:7IrPj0NmWtNPoSWChPKcGmnVMGEkUnPPysrfn46kfFV76K/VnId1QY8Iy6Exx8dk:7q0NxPoSvnVCnPVS3FJRw

Score
10/10
modiloaderevasiontrojanupx

Malware Config

Targets

    • Target

      4b048bbef798d81e07cbfb3f94b2b89e565b62028ac404dce86eb88e12c5270b

    • Size

      472KB

    • MD5

      df9bdeba1578849cdb82f8edf96f3ff6

    • SHA1

      dfc9e07687558ecf349e1183c866c5ba288fe4c1

    • SHA256

      4b048bbef798d81e07cbfb3f94b2b89e565b62028ac404dce86eb88e12c5270b

    • SHA512

      d9d3759ba20d2dfd7485a891b36fdb013cec8d29772cc84e5ac13dc8cdecb03bc10d46699dbc6d20cb6b34da6acfdb9e51a60188a160f642beca07a85bebcb4b

    • SSDEEP

      6144:7IrPj0NmWtNPoSWChPKcGmnVMGEkUnPPysrfn46kfFV76K/VnId1QY8Iy6Exx8dk:7q0NxPoSvnVCnPVS3FJRw

    Score
    10/10
    modiloaderevasiontrojanupx

    • ModiLoader, DBatLoader

      ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.

      trojanmodiloader

    • UAC bypass

      evasiontrojan

    • ModiLoader Second Stage

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Loads dropped DLL

    • Checks whether UAC is enabled

      evasiontrojan
    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks