General

  • Target

    My Logo.txt

  • Size

    527B

  • Sample

    231208-st2sraaffm

  • MD5

    7cb71427465bd706ab27af04d788c467

  • SHA1

    2981697728344316df0a9c8e554d8ea2a49b54d8

  • SHA256

    7c288d2c2764b410346e6135d44a993a11ccb58da490f069d87285e3f774d3bd

  • SHA512

    61aec9768adae5d446bff7f006c297785a4902200f59ccd6124a93fda94fa35372a03ce213e29509fd044a6f4132e3f09ff9b9c162485718e7d797dc1acf2fea

Malware Config

Targets

    • Target

      My Logo.txt

    • ModiLoader, DBatLoader

      ModiLoader (also tracked as DBatLoader) is a loader written in Delphi that abuses legitimate cloud storage services to fetch and run other malware families as its second stage.

    • ModiLoader Second Stage

    • Downloads MZ/PE file

    • Checks computer location settings

      Looks up the country code configured in the registry, likely a geofence check (execution conditioned on the victim's configured region).

    • Executes dropped EXE

    • Loads dropped DLL

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
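The registry-discovery and dropped-PE behaviours listed above can be matched mechanically against sandbox events. The following is an added example, not code from the report or from the sandbox vendor: it classifies constructed (op, target, data) events into the three signature names used in this report. The report does not say which registry value the sample reads for the country code, so the locations under HKCU\Control Panel\International are assumptions; the Uninstall key paths are the documented Windows locations for installed-software entries.

```python
"""Match constructed sandbox events against the ModiLoader signatures above.

Added example: not code from the report or the sandbox vendor. The events
below are constructed; the Geo/International registry paths are assumptions,
since the report only says "country code configured in the registry".
"""
import re
from collections import defaultdict

# Installed-software entries live under these Uninstall keys (64-bit and
# 32-bit views); enumerating them is the "Checks installed software" behaviour.
UNINSTALL_RE = re.compile(
    r"\\SOFTWARE\\(?:WOW6432Node\\)?Microsoft\\Windows\\CurrentVersion\\Uninstall(?:\\|$)",
    re.IGNORECASE,
)

# Assumed locations of the configured country/region code (not stated in the report).
GEO_RE = re.compile(
    r"\\Control Panel\\International(?:\\Geo)?\\(?:Nation|Name|sCountry|iCountry)$",
    re.IGNORECASE,
)

SIG_LOCATION = "Checks computer location settings"
SIG_SOFTWARE = "Checks installed software on the system"
SIG_PE_DROP = "Downloads MZ/PE file"


def is_pe(data: bytes) -> bool:
    """True if data has an MZ header whose e_lfanew points at a 'PE\\0\\0' signature."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        return False
    e_lfanew = int.from_bytes(data[0x3C:0x40], "little")
    return data[e_lfanew:e_lfanew + 4] == b"PE\0\0"


def classify(events):
    """Map each (op, target, data) event to the report signature it supports.

    Registry operations are checked against the geo and Uninstall paths;
    file writes are checked for a valid MZ/PE header in the written data.
    """
    hits = defaultdict(list)
    for op, target, data in events:
        if op.startswith("Reg"):
            if GEO_RE.search(target):
                hits[SIG_LOCATION].append(target)
            elif UNINSTALL_RE.search(target):
                hits[SIG_SOFTWARE].append(target)
        elif op == "FileWrite" and is_pe(data):
            hits[SIG_PE_DROP].append(target)
    return dict(hits)


# Minimal constructed PE image: MZ header, e_lfanew = 0x40, then "PE\0\0".
MZ_PE = b"MZ" + b"\0" * 58 + (0x40).to_bytes(4, "little") + b"PE\0\0"

# Constructed events in the shape a sandbox would record (not from the report).
SAMPLE_EVENTS = [
    ("RegQueryValue", r"HKEY_CURRENT_USER\Control Panel\International\Geo\Nation", b""),
    ("RegEnumKey", r"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall", b""),
    ("RegEnumKey", r"HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall", b""),
    ("RegQueryValue", r"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProductName", b""),
    ("FileWrite", r"C:\Users\Admin\AppData\Local\Temp\stage2.exe", MZ_PE),
    ("FileWrite", r"C:\Users\Admin\AppData\Local\Temp\notes.txt", b"hello"),
]

if __name__ == "__main__":
    for signature, targets in classify(SAMPLE_EVENTS).items():
        print(f"{signature}: {len(targets)} event(s)")
        for t in targets:
            print(f"    {t}")
```

The ProductName query and the plain-text file write are deliberately left unmatched: the point of the MZ/e_lfanew check is that a file named `.exe` is not evidence of a dropped PE, and a registry read under `CurrentVersion` is not evidence of software enumeration unless it touches the Uninstall tree.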

MITRE ATT&CK Matrix (ATT&CK v13)

  Tactic           Technique                     ID     Count
  Defense Evasion  Modify Registry               T1112  2
  Discovery        Query Registry                T1012  3
  Discovery        System Information Discovery  T1082  3
