General

  • Target

    900cba3c4b38e1a66ad523d82c32cfbd0a10811868c577fa90bd857c53e352d8

  • Size

    68KB

  • Sample

    221124-er2s3sbe6x

  • MD5

    25671d2df46045d8bbcdbaed2093f666

  • SHA1

    19232237c28df6a6fefd58620f03749ef9cd4bcd

  • SHA256

    900cba3c4b38e1a66ad523d82c32cfbd0a10811868c577fa90bd857c53e352d8

  • SHA512

    5de220e553f73d136ac1f3195cb5712f9c31017b313b44a1471bfe2fe7342e0f9e25dcbffc564842242b4de52e9f972f87cc91abe5865e10ba4dadff57612950

  • SSDEEP

    1536:h4UHxpN/MUXsLTvCj0DBXJaOxTKE96BeWSFU6oQREj+VIbCw:h4URpNUUX6z/DBXJfVWePREj5r

Malware Config

Targets

    • ModiLoader, DBatLoader

      ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.

    • ModiLoader Second Stage

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Loads dropped DLL

    • Adds Run key to start application

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v6

Tasks