General

  • Target

    782e065edf9a2c62d360aab6f01142c1

  • Size

    141KB

  • Sample

    240126-x1639scef4

  • MD5

    782e065edf9a2c62d360aab6f01142c1

  • SHA1

    cbf3d8f4bd33b10bf5be1b153ccb8e99eb1f138f

  • SHA256

    a26675138b7ec3f995d0c41c0a8b92495b8e12d348fdb1a6497c9e8536933185

  • SHA512

    dfd36077cd8a94305b09deda2e4d8accd935eb88ad750c7a0eeef4f550f3fb3d62c0b2745245fe2e0bc45d455798944293a7ab9671bc387e72e0bfea61b39888

  • SSDEEP

    3072:iOkQtsfHoy8j7VnNdrPHaSekwi+mW+2cdd5outt:iQq/8jZ7rvaU3+mWrCd5oSt

Malware Config

Targets

    • ModiLoader, DBatLoader

      ModiLoader is a Delphi-based loader that abuses cloud services to download and deliver other malware families.

    • UAC bypass

    • ModiLoader Second Stage

    • Checks computer location settings

      Looks up the country code configured in the registry, likely used for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with the UPX open-source packer or a modified variant of it.

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v15

Tasks