Overview

overview

10

Static

static

3

064a07dfff...f0.exe

windows7-x64

10

064a07dfff...f0.exe

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    064a07dfff407db7585ecaa3922182f0

  • Size

    645KB

  • Sample

    231229-2xb6yadcf9

  • MD5

    064a07dfff407db7585ecaa3922182f0

  • SHA1

    0a5262fc032479d7a56b0e1b4673b5abdb850b95

  • SHA256

    c39651b055a718d0a4b1ab74bd5c6c97d954b0dab201256bf77b78f546ad3d0e

  • SHA512

    108eac3b585fee115b94a7972c7284ca75e5372837bb9db3c0a8df93f2f06cc77fe6e135573235264a034d490e309c2d487c37330eb88b042a0a954f81b47160

  • SSDEEP

    12288:QorkqSLvODgc3tPsYtFEEMM6AIXEoLz+VMF3Z4mxx4nUqGGGkYThd5UcOo:A9iUEtPsYvpBqQmXEUVGGk6PrOo

Score
10/10
modiloadertrojan

Malware Config

Targets

    • Target

      064a07dfff407db7585ecaa3922182f0

    • Size

      645KB

    • MD5

      064a07dfff407db7585ecaa3922182f0

    • SHA1

      0a5262fc032479d7a56b0e1b4673b5abdb850b95

    • SHA256

      c39651b055a718d0a4b1ab74bd5c6c97d954b0dab201256bf77b78f546ad3d0e

    • SHA512

      108eac3b585fee115b94a7972c7284ca75e5372837bb9db3c0a8df93f2f06cc77fe6e135573235264a034d490e309c2d487c37330eb88b042a0a954f81b47160

    • SSDEEP

      12288:QorkqSLvODgc3tPsYtFEEMM6AIXEoLz+VMF3Z4mxx4nUqGGGkYThd5UcOo:A9iUEtPsYvpBqQmXEUVGGk6PrOo

    Score
    10/10
    modiloadertrojan

    • ModiLoader, DBatLoader

      ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.

      trojanmodiloader

    • ModiLoader Second Stage

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks