Overview

overview

10

Static

static

1

755a5deec1...13.exe

windows7-x64

10

755a5deec1...13.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    755a5deec10631248bd51f61fa083218d4357bd7aa1f168b41cd301ac7e42613.zip

  • Size

    404KB

  • Sample

    230321-qn8m1ace4z

  • MD5

    38b35bda158f0de133b925677da83069

  • SHA1

    127ad3847ee2b3120bb968b8d5df8ebb3a64d5f1

  • SHA256

    9a9d9ef9de8b0cf028695e63c50f3058967269d84ed76031443df89c88dd041b

  • SHA512

    ed47569db50d3c350f7fc9648e8cb67a66a964704959b545d754e421d7e9416cc2e0ff5d5f90e08aea6ae6a231870944e7e3f2f07c15972061d4053b28ac462e

  • SSDEEP

    12288:/t+/Xwr50lEZVDWjeQ773SBZmdzkZSAk0QZ:/CuAEziq4SZY0w

Score
10/10
modiloadertrojan

Malware Config

Targets

    • Target

      755a5deec10631248bd51f61fa083218d4357bd7aa1f168b41cd301ac7e42613.exe

    • Size

      1.3MB

    • MD5

      a484c9ec54ffd544a95dfa92dd0a7bb4

    • SHA1

      f6e25f9390e78ec07950a5145a77281c640b6319

    • SHA256

      755a5deec10631248bd51f61fa083218d4357bd7aa1f168b41cd301ac7e42613

    • SHA512

      4800bb2f6d4450e9f0157d9577df56774456a5714b81cdb5a8efcc042e9229eac54a9fde094d236b40d16c3e7f67f081595e664899de12e9d7fb567d1847780a

    • SSDEEP

      12288:qG6bpHk8Sy5k/fyWUzCKlnwtZ0KOKyPVHGCZvOtcUcMe2ZASsKySOVgAiklqU:qGM3q/fy6BzOV1jAZA75Srklq

    Score
    10/10
    modiloadertrojan

    • ModiLoader, DBatLoader

      ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.

      trojanmodiloader

    • ModiLoader Second Stage

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

1
T1012

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks