Overview

overview

10

Static

static

1

2 Tender-D...OQ.exe

windows7-x64

10

2 Tender-D...OQ.exe

windows10-2004-x64

10

2 Tender-D...ng.exe

windows7-x64

10

2 Tender-D...ng.exe

windows10-2004-x64

10

2 Tender-D...ns.exe

windows7-x64

10

2 Tender-D...ns.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2 Tender-Doc-UAE-10048988.7z

  • Size

    815KB

  • Sample

    230320-kc2sesce49

  • MD5

    ae8437062dfdb4f339b9f3262ad407a0

  • SHA1

    3e5cd459cf5ae372b443718cd3922c8f13f61846

  • SHA256

    6e8f498cbb3679128827729d9e7b1cd9add924f65c4df284af12eff6d01c2709

  • SHA512

    6317dad6e54ac365724119d83a1b7924e9e247020c7bc2c9b1141b4583f3ebb72e0b3c6aa83da084bf55e6b105f8a66a82df869841cd905d90587ed243c764d1

  • SSDEEP

    12288:VXXpYL6rt24VgaxPl6mqfTFqJIicT80kqrzOxO7kT8ebQP23lOyUm3r5eSEUVIrT:5XpGOtd6axwVFqaTTmO4w2Qev3FeCIQs

Score
10/10
modiloadertrojan

Malware Config

Targets

    • Target

      2 Tender-Doc-UAE-10048988/BOQ.exe

    • Size

      722KB

    • MD5

      6b77eaf3b88ee431b4893ffd54d40eb0

    • SHA1

      487115623be909f29d6c44def31024195e32c95e

    • SHA256

      9327c5b117be113d047b1de9354206518c06b3b837fad64b4d8b7077a3cc3c73

    • SHA512

      416c9852b6ae1bdb0ddd4e40018721d4637a22a0fcee34ae382eeab52ba66737010281aea3345a7b5a2230bacc03a8536057b769317bd3bb9442faaa9332b3a7

    • SSDEEP

      12288:cB171bq7pQn24yjmf0vff3kn6se2AtPFGu5W9q5nCItvd9G:M5E7pQ0yf+XlJtYu5W9gn1d

    Score
    10/10
    modiloadertrojan

    • ModiLoader, DBatLoader

      ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.

      trojanmodiloader

    • ModiLoader Second Stage

    behavioral1behavioral2

    • Target

      2 Tender-Doc-UAE-10048988/Drawing.exe

    • Size

      722KB

    • MD5

      23c674bc8d34cffea3fd2745563cbccc

    • SHA1

      16a22c4d9cd8fe0aabb1d21b8f4c064ebd327a7c

    • SHA256

      b1e985c34b2df290e0514f31e376ae8405450bdf5e97ad70a270212cca20a9fc

    • SHA512

      eb2fe9561d94c4485da45b6e87d1850a7028a508266db5b537339c4feb03d0c91b871b6609a74b9bd92eb92bb94c611732e10f3e896c37f001030579edaa3f14

    • SSDEEP

      12288:wB171bq7pQn24yjmf0vff3kn6se2AtPFGu5WNq5nCItvd9T5:A5E7pQ0yf+XlJtYu5WNgn1dT

    Score
    10/10
    modiloadertrojan

    • ModiLoader, DBatLoader

      ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.

      trojanmodiloader

    • ModiLoader Second Stage

    behavioral3behavioral4

    • Target

      2 Tender-Doc-UAE-10048988/Specifications.exe

    • Size

      720KB

    • MD5

      a3d351ea61c656fe24736fc8f5a513f3

    • SHA1

      39437e0162c6e38f6771a260a6c0994bd33408d8

    • SHA256

      cfbcc119440471366272a6132f8e1d0b2b8e79e4feecf885ad45bf4e761a9f9b

    • SHA512

      7525e1416c6f7176f87c4292063e36badb18d07fb6cdcd58465f74c554fac76e8613b39ef41f466cf40e104b402727aaabdd81c3ef6a3a73eb25fc395a5806ea

    • SSDEEP

      12288:MB171bq7pQn24yjmf0vff3kn6se2AtPFGu5WNq5nCItvd9j:85E7pQ0yf+XlJtYu5WNgn1d

    Score
    10/10
    modiloadertrojan

    • ModiLoader, DBatLoader

      ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.

      trojanmodiloader

    • ModiLoader Second Stage

    behavioral5behavioral6

MITRE ATT&CK Matrix

Tasks