Overview

overview

10

Static

static

8

bf021e29ec...24.exe

windows7-x64

10

bf021e29ec...24.exe

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    bf021e29ecacb640d6d0f7faa77d2eeae336e8c6737264fbd850268f07ae8524

  • Size

    109KB

  • Sample

    221201-k79frade83

  • MD5

    80739c69f572d55468e7576d4a281f27

  • SHA1

    5dc1cda80c2994490dc74f65fe9c8086e9f13aaf

  • SHA256

    bf021e29ecacb640d6d0f7faa77d2eeae336e8c6737264fbd850268f07ae8524

  • SHA512

    4eedb942aa0a9b19b1b7ade8b64be830f6b86c7b1a65965c55f7505083ea1d135304910057cd944c1851316109776f1b2859b92a271e463c945bc2c37803100d

  • SSDEEP

    3072:B1+MJKrUnFYY5z1i0Nmbi5fJBNA39/d5Hout:3IrPj0NmWtNOoS

Score
10/10
modiloaderevasiontrojanupx

Malware Config

Targets

    • Target

      bf021e29ecacb640d6d0f7faa77d2eeae336e8c6737264fbd850268f07ae8524

    • Size

      109KB

    • MD5

      80739c69f572d55468e7576d4a281f27

    • SHA1

      5dc1cda80c2994490dc74f65fe9c8086e9f13aaf

    • SHA256

      bf021e29ecacb640d6d0f7faa77d2eeae336e8c6737264fbd850268f07ae8524

    • SHA512

      4eedb942aa0a9b19b1b7ade8b64be830f6b86c7b1a65965c55f7505083ea1d135304910057cd944c1851316109776f1b2859b92a271e463c945bc2c37803100d

    • SSDEEP

      3072:B1+MJKrUnFYY5z1i0Nmbi5fJBNA39/d5Hout:3IrPj0NmWtNOoS

    Score
    10/10
    modiloaderevasiontrojanupx

    • ModiLoader, DBatLoader

      ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.

      trojanmodiloader

    • UAC bypass

      evasiontrojan

    • ModiLoader Second Stage

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Loads dropped DLL

    • Checks whether UAC is enabled

      evasiontrojan
    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks