Overview

overview

10

Static

static

3

Payment.exe

windows7-x64

10

Payment.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Payment.exe

  • Size

    769KB

  • Sample

    230501-299b7sah41

  • MD5

    938aa66b7eb10c7386cbc12ebe24d5a8

  • SHA1

    693b13a3fcf5b88494fe88f994f5b3ba0dfcf490

  • SHA256

    b553d17383669425973b2dbd042ebe90a6afc4822aeb3ceb2684667a3ed4d36d

  • SHA512

    240129b4349c942ada18beacf060559f7c2088dd434e519362645a6e44498664f013f9df6d167e2ab2d44eb8f4cb5684ec1f21468d31b8c46c6bad10bf683887

  • SSDEEP

    12288:Hu+e4v0ma0dwwcQNHRh+ZXiwBdbPmWNghnBMQfhxN2rn4PhWu7:HuRQq0iwcmhEffeW+zhxN2rn4P

Score
10/10
modiloaderpersistencetrojan

Malware Config

Targets

    • Target

      Payment.exe

    • Size

      769KB

    • MD5

      938aa66b7eb10c7386cbc12ebe24d5a8

    • SHA1

      693b13a3fcf5b88494fe88f994f5b3ba0dfcf490

    • SHA256

      b553d17383669425973b2dbd042ebe90a6afc4822aeb3ceb2684667a3ed4d36d

    • SHA512

      240129b4349c942ada18beacf060559f7c2088dd434e519362645a6e44498664f013f9df6d167e2ab2d44eb8f4cb5684ec1f21468d31b8c46c6bad10bf683887

    • SSDEEP

      12288:Hu+e4v0ma0dwwcQNHRh+ZXiwBdbPmWNghnBMQfhxN2rn4PhWu7:HuRQq0iwcmhEffeW+zhxN2rn4P

    Score
    10/10
    modiloadertrojanpersistence

    • ModiLoader, DBatLoader

      ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.

      trojanmodiloader

    • ModiLoader Second Stage

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks