General

  • Target

    8354e0fa41433fb9d9e6e1f70d36bb53

  • Size

    284KB

  • Sample

    240131-d463wsahc9

  • MD5

    8354e0fa41433fb9d9e6e1f70d36bb53

  • SHA1

    0d2038df3ac895c83520a7ee1ec803b7512d8e2f

  • SHA256

    cfbe12cf3d349b17dadfba5ca183d22489386d6515a0c2381b87a3800aad83d3

  • SHA512

    f7d5a6cd9dd66195578281058fc3a3054d2f219471576eddb9ff88c85d96ada93d8f2645eec40942dc6b1d97ce203566a409f14c3bf0ce0e59eceea81902c27f

  • SSDEEP

    6144:aT0Jy6ol+ikUsliblF4jS7YleLk0uprPKpV+fOYQeaAFU+:FJyVl+rtiBF4MYEL7OPKByjFU+

Score
10/10

Malware Config

Targets

    • ModiLoader, DBatLoader

      ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.

    • ModiLoader Second Stage

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks