General

  • Target

    846e9a035ec1351c494b87d1113f764b

  • Size

    12KB

  • Sample

    240131-ps2vksebck

  • MD5

    846e9a035ec1351c494b87d1113f764b

  • SHA1

    e36cbe2e4106f6f959f514b5f07f8b221be87691

  • SHA256

    3ee6a1e05d8b312206982ad6b9b7d782355582769d24864e02bd57eff09eb818

  • SHA512

    ac0c2f9fa112f050c82e3e499bb3bf4d7fd83aa6f8dee004aef300261b36596e4fa9013a0858c2c96eb2586bab19f8c74db563573fbc5b887a24bb529ae94703

  • SSDEEP

    192:5ZeYLAkFvoMiGnzEUiuptRFc6zwy9vhmL/1wEcNDHKWsPecUCNj1pXkgUwu88n:5tAGxIUD4yxJctZctKWuerQj1CGW

Targets

    • ModiLoader, DBatLoader

      ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.

    • ModiLoader Second Stage

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Drops file in System32 directory
