Overview

overview

10

Static

static

79e33d9222...f2.exe

windows7-x64

10

79e33d9222...f2.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    79e33d9222824af940676a4c4fe4d024eea991cab8fe36ab4473cd942bb688f2

  • Size

    219KB

  • Sample

    221128-dx2jtsfd2v

  • MD5

    87ac15b3b2fa2b211c4b4c983e2bf48a

  • SHA1

    98f7521fdc6f0cf669c880c0e43bccae729cbfbe

  • SHA256

    79e33d9222824af940676a4c4fe4d024eea991cab8fe36ab4473cd942bb688f2

  • SHA512

    1a69541a9bd491c5a99179b1c885c3167ed07e256cdd85ec56b616f41819ea7895045f011c06e5df6c8d6d26bd8d7127f30435097a18840d8b7891424d4daf1c

  • SSDEEP

    3072:qTAMgjQVzTiHpn9hd41X36dg/3k6Jny3j8TU9uuZmVIJMcF6G2IF:cA3QFTiJ9s1adg/U6JnyAT9uBJEIF

Score
10/10
modiloaderevasiontrojanupx

Malware Config

Targets

    • Target

      79e33d9222824af940676a4c4fe4d024eea991cab8fe36ab4473cd942bb688f2

    • Size

      219KB

    • MD5

      87ac15b3b2fa2b211c4b4c983e2bf48a

    • SHA1

      98f7521fdc6f0cf669c880c0e43bccae729cbfbe

    • SHA256

      79e33d9222824af940676a4c4fe4d024eea991cab8fe36ab4473cd942bb688f2

    • SHA512

      1a69541a9bd491c5a99179b1c885c3167ed07e256cdd85ec56b616f41819ea7895045f011c06e5df6c8d6d26bd8d7127f30435097a18840d8b7891424d4daf1c

    • SSDEEP

      3072:qTAMgjQVzTiHpn9hd41X36dg/3k6Jny3j8TU9uuZmVIJMcF6G2IF:cA3QFTiJ9s1adg/U6JnyAT9uBJEIF

    Score
    10/10
    modiloaderevasiontrojanupx

    • ModiLoader, DBatLoader

      ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.

      trojanmodiloader

    • UAC bypass

      evasiontrojan

    • ModiLoader Second Stage

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Loads dropped DLL

    • Checks whether UAC is enabled

      evasiontrojan

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks