Overview

overview

10

Static

static

f236f99926...fb.exe

windows7-x64

10

f236f99926...fb.exe

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    f236f99926bbe338f7c57c61e7a3b1dd084951d97cf41cec03bf7f3a4b9a65fb

  • Size

    395KB

  • Sample

    221203-y8qa6acf48

  • MD5

    39678a0567a2305853fa577f866530ef

  • SHA1

    eb533dad0d23603c48b6a76b406f5a4d72f1d40a

  • SHA256

    f236f99926bbe338f7c57c61e7a3b1dd084951d97cf41cec03bf7f3a4b9a65fb

  • SHA512

    3e9ba98ac3ab85fde4f7c1f88e770861dc3e54fe6d870714f8948b8dfcbff8c95d68cd2300d5bc9c1aac5d031ed2e573b86d4a8ca9a92673b4d4a73a4587988f

  • SSDEEP

    12288:Hyk8WhZCGUT2bHOz/N2VZ8LFhFiUYOANkv:HJn/DUj2VUxYOA+v

Score
10/10
modiloadertrojan

Malware Config

Targets

    • Target

      f236f99926bbe338f7c57c61e7a3b1dd084951d97cf41cec03bf7f3a4b9a65fb

    • Size

      395KB

    • MD5

      39678a0567a2305853fa577f866530ef

    • SHA1

      eb533dad0d23603c48b6a76b406f5a4d72f1d40a

    • SHA256

      f236f99926bbe338f7c57c61e7a3b1dd084951d97cf41cec03bf7f3a4b9a65fb

    • SHA512

      3e9ba98ac3ab85fde4f7c1f88e770861dc3e54fe6d870714f8948b8dfcbff8c95d68cd2300d5bc9c1aac5d031ed2e573b86d4a8ca9a92673b4d4a73a4587988f

    • SSDEEP

      12288:Hyk8WhZCGUT2bHOz/N2VZ8LFhFiUYOANkv:HJn/DUj2VUxYOA+v

    Score
    10/10
    modiloadertrojan

    • ModiLoader, DBatLoader

      ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.

      trojanmodiloader

    • ModiLoader Second Stage

    • Drops file in System32 directory

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks