General

  • Target

    846cde55897a66226b2f27e8449a44e2a43104674d4c14b2dd9a937c1d819f21_JC.exe

  • Size

    1.1MB

  • Sample

    231012-tkcmyacf49

  • MD5

    1f7cd9063c92ee7c1258b4673d9f7290

  • SHA1

    5eef64e92eeeaa99a15fceac1f162576a8161732

  • SHA256

    846cde55897a66226b2f27e8449a44e2a43104674d4c14b2dd9a937c1d819f21

  • SHA512

    4dc6d440c683d37fa8ac400563af476bfc95b4d7484a761db83947c327cb73938ab4dfb75104828a63ceb95438883b7bb1381be1616efb8f5ce08b0d86626bc1

  • SSDEEP

    12288:qE8C9kdWdEPv8zuVEdh9a6OLqvabdpmBkt1VEmA00P85Be2fgmv1qsM8HcZG3g5b:qEPudPPOuVsaoAjlD0P83H5M8OG3

Targets

    • ModiLoader, DBatLoader

      ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.

    • ModiLoader Second Stage

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, cookies and other sensitive profile information.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15
