General

  • Target: 533b3df0e597c50e1129ec807fd6bbcf.bin
  • Size: 672KB
  • Sample: 230825-bqme8agd63
  • MD5: e105af47fded8d4fe26b9165b5e03b3f
  • SHA1: 28590c454992eef999e5ccd03c2eabfc888f0206
  • SHA256: 7f8a7e48ab4816ebcdbd5d7e1bc49d667fe100f3eb5874611b1452ec1598ace5
  • SHA512: b9808d190f1c417a249374b03e79de7c78dd7943a25df9682e1e9eae79b2bf4fff0e47403e70702697ebbbdd0972edbfd1b98691b31504630148f91a83f042f1
  • SSDEEP: 12288:HTIwuQ4hDNHdCR0Z0QCZMMkZL52ztCPSBR643/60xBOWByIwhap:HTIwuQGDN936Qms2z8PSBRp3ia/ByIw4

Score
10/10

Malware Config

Targets

    • Target: 8bf8b980381fd607ec9065bfbcd572973770ee77c815354a35455c10651516d5.exe
    • Size: 1.1MB
    • MD5: 533b3df0e597c50e1129ec807fd6bbcf
    • SHA1: 0561fc6471cb5e2f0aa9e6b3e3fdfa9fd2586dbc
    • SHA256: 8bf8b980381fd607ec9065bfbcd572973770ee77c815354a35455c10651516d5
    • SHA512: 0bb3a148e72a30f4bf5aad8f27aa8ca1f8ca2ee36e498c395a5ac8091f3bfd9ece8cb6430881eae79a30a077b90f3f1d565833f303017ec01ee806c819bc4cd6
    • SSDEEP: 24576:+9PSlSUTC5lG8L14BQG/AWgbPmEqE5pLixE7pnrEH7T:+9PUZT2d14aGoTlnp52

    Score
    10/10
    • ModiLoader, DBatLoader

      ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.

    • ModiLoader Second Stage

    • ACProtect 1.3x - 1.4x DLL software

      Detects a file protected with ACProtect software.

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

MITRE ATT&CK Enterprise v15

Tasks