Overview

overview

10

Static

static

7

42aaf781f5...db.exe

windows7-x64

10

42aaf781f5...db.exe

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    42aaf781f50122caa14c010d2b184be8567b9cdc5b329a82bad3492c157e3bdb

  • Size

    1.6MB

  • Sample

    221130-ajldxabd75

  • MD5

    77c3cbbd6e2534399675b49f9df68437

  • SHA1

    f15e08a92db9e1bda77384934890a38a7a0aa3e6

  • SHA256

    42aaf781f50122caa14c010d2b184be8567b9cdc5b329a82bad3492c157e3bdb

  • SHA512

    033ba2c8057fbf1b7dddbc11897375e19c101d9dbc165d28eaea24f90181a1aa724439defb40823dbe0203fef182547b17357f1acd80cb2038264ef0a5bb089b

  • SSDEEP

    49152:BCOoP42LL/68rJZLIASy73RtHMmvjcaQaJoTLDx7vJgG/:BCtLLGYJKAdzXHMmAaQR

Score
10/10
modiloaderevasionthemidatrojan

Malware Config

Targets

    • Target

      42aaf781f50122caa14c010d2b184be8567b9cdc5b329a82bad3492c157e3bdb

    • Size

      1.6MB

    • MD5

      77c3cbbd6e2534399675b49f9df68437

    • SHA1

      f15e08a92db9e1bda77384934890a38a7a0aa3e6

    • SHA256

      42aaf781f50122caa14c010d2b184be8567b9cdc5b329a82bad3492c157e3bdb

    • SHA512

      033ba2c8057fbf1b7dddbc11897375e19c101d9dbc165d28eaea24f90181a1aa724439defb40823dbe0203fef182547b17357f1acd80cb2038264ef0a5bb089b

    • SSDEEP

      49152:BCOoP42LL/68rJZLIASy73RtHMmvjcaQaJoTLDx7vJgG/:BCtLLGYJKAdzXHMmAaQR

    Score
    10/10
    modiloaderevasionthemidatrojan

    • ModiLoader, DBatLoader

      ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.

      trojanmodiloader

    • UAC bypass

      evasiontrojan

    • ModiLoader Second Stage

    • Loads dropped DLL

    • Themida packer

      Detects Themida, an advanced Windows software protection system.

      themida

    • Checks whether UAC is enabled

      evasiontrojan
    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks