Overview

overview

10

Static

static

10

easy_Malic...af.exe

windows7-x64

10

easy_Malic...af.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    easy_Malicious_0308ee7ba23eb944f910e085a789935b4d525672f59d13033d936188f268c5af.exe

  • Size

    898KB

  • Sample

    230704-sf7f3sec79

  • MD5

    9f47d742728c1d932f0413832ee4696b

  • SHA1

    faa2f8a62517019ac9e3af94d3d23812de4c55e4

  • SHA256

    2d5f0e00a9a7110d27ae329e565db43d58bfc0f12c72879174ea5b3e70dd1c5d

  • SHA512

    bb91d2b41b3eeba0d31466c02918b2174dadbda904d06da158499350beced310fc4ab268e98e5d499ba5e72c40a3c9806cb85542d18e83b7bc9faee09a09255c

  • SSDEEP

    24576:IAY+wzSBZYUiR+SgH/jw4+wWiT27w5+vGUtxW2:IAuOFhfc4VT27w5YGUtxW2

Score
10/10
modiloadertrojan

Malware Config

Targets

    • Target

      easy_Malicious_0308ee7ba23eb944f910e085a789935b4d525672f59d13033d936188f268c5af.exe

    • Size

      898KB

    • MD5

      9f47d742728c1d932f0413832ee4696b

    • SHA1

      faa2f8a62517019ac9e3af94d3d23812de4c55e4

    • SHA256

      2d5f0e00a9a7110d27ae329e565db43d58bfc0f12c72879174ea5b3e70dd1c5d

    • SHA512

      bb91d2b41b3eeba0d31466c02918b2174dadbda904d06da158499350beced310fc4ab268e98e5d499ba5e72c40a3c9806cb85542d18e83b7bc9faee09a09255c

    • SSDEEP

      24576:IAY+wzSBZYUiR+SgH/jw4+wWiT27w5+vGUtxW2:IAuOFhfc4VT27w5YGUtxW2

    Score
    10/10
    modiloadertrojan

    • ModiLoader, DBatLoader

      ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.

      trojanmodiloader

    • ModiLoader Second Stage

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks