Overview

overview

10

Static

static

1

755a5deec1...13.exe

windows7-x64

10

755a5deec1...13.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    755a5deec10631248bd51f61fa083218d4357bd7aa1f168b41cd301ac7e42613.zip

  • Size

    404KB

  • Sample

    230321-r1y5rsdd5t

  • MD5

    3e9d5ced83d9cd9c26a3883f1395ab35

  • SHA1

    cbbb07ec6fd94e4e4909f53237f6ec045a091d9a

  • SHA256

    cd7a70d5b362d16a52b408a9173f249db3d53538eff76f9fa09522e72041c9f4

  • SHA512

    85a0d8d5d6351ddd9d3c59e8e4ee04eafc46405dc5ded1a9eebc3474a5ea40c6735fd3fe08dcddb4277f2b061b5a1e24a305c3e3026e104dbf5bcbda85e63337

  • SSDEEP

    12288:wsjkbPml+sM5yciv9/7DZvWV/ns7bXSeJWmTMM:JjkbPml+fyBKyzS8MM

Score
10/10
modiloadertrojan

Malware Config

Targets

    • Target

      755a5deec10631248bd51f61fa083218d4357bd7aa1f168b41cd301ac7e42613.exe

    • Size

      1.3MB

    • MD5

      a484c9ec54ffd544a95dfa92dd0a7bb4

    • SHA1

      f6e25f9390e78ec07950a5145a77281c640b6319

    • SHA256

      755a5deec10631248bd51f61fa083218d4357bd7aa1f168b41cd301ac7e42613

    • SHA512

      4800bb2f6d4450e9f0157d9577df56774456a5714b81cdb5a8efcc042e9229eac54a9fde094d236b40d16c3e7f67f081595e664899de12e9d7fb567d1847780a

    • SSDEEP

      12288:qG6bpHk8Sy5k/fyWUzCKlnwtZ0KOKyPVHGCZvOtcUcMe2ZASsKySOVgAiklqU:qGM3q/fy6BzOV1jAZA75Srklq

    Score
    10/10
    modiloadertrojan

    • ModiLoader, DBatLoader

      ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.

      trojanmodiloader

    • ModiLoader Second Stage

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

1
T1012

System Information Discovery

1
T1082

Remote System Discovery

1
T1018

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks