General

  • Target

    CONTG. 0992-19.doc

  • Size

    134KB

  • Sample

    231212-qb91asddam

  • MD5

    e50760a09ea9cf00b918b5bd8baca76b

  • SHA1

    d8e3ffff49d6feed73056129b7f117c929739323

  • SHA256

    e0c0872bbed9389356872d44567f12603714894cc9309a1ec4d295c035f10f97

  • SHA512

    5dc79fdeab8bcb0ee55d0ed4dc2f19cc2caa38c50f6d163064a9fe85dab5cf9cd26ee95aee667982d5d0b7b493d9361b5f2e4d5aabad581e24ebf217641731d3

  • SSDEEP

    384:x+aVZ4imV+XsP3P770Mxw50k4wR3OXpWDnW609j:xXrg+8vDYfHTp69j

Score
10/10

Malware Config

Targets

    • Target

      CONTG. 0992-19.doc

    • ModiLoader, DBatLoader

      ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.

    • ModiLoader Second Stage

    • Blocklisted process makes network request

    • Downloads MZ/PE file

    • Executes dropped EXE

    • Loads dropped DLL

MITRE ATT&CK Enterprise v15

Tasks