General

  • Target: 4a5721df5cc2c9ab20dda8f7ead3c272
  • Size: 270KB
  • Sample: 240108-d7xcvsbeb5
  • MD5: 4a5721df5cc2c9ab20dda8f7ead3c272
  • SHA1: 7d203bc2570ca56fbf582207352b423759783959
  • SHA256: 792872cea402db146c57f3c33e179adb5dd677b4425059a7ab1fb22a02bc7ed3
  • SHA512: 820207e8245f25923735b4edea79a5838c9ba74ed2d6d2216bdacfce0edb99bcccdbef6a18831ff4078469af81488912677593ebc1ba4e6281f4ef24a1bba113
  • SSDEEP: 6144:B10d/oYkkiOrbU5qsVvAi9eTiYmTrQxgK94t8vkah4YtLE7LkPDfHZ:Md/rkkiOr45qsB3eOH/3aRI

Score: 10/10

Targets

    • ModiLoader, DBatLoader

      ModiLoader is a Delphi-based loader that abuses cloud services to download additional malware families.

    • ModiLoader Second Stage

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    • Suspicious use of SetThreadContext
