General

  • Target

    8490356ecebdbd657cf1a073ff1537b7

  • Size

    108KB

  • Sample

    240131-qz13asdda4

  • MD5

    8490356ecebdbd657cf1a073ff1537b7

  • SHA1

    ed1fcac303562ca1dd1312e26711be3b03d0957d

  • SHA256

    cb6700f64ba9abd828ce43a0c3b2713071f00ab1cd496b5b4dece470dc32747a

  • SHA512

    985211d4c25522582e386c0e31b3da7af35f656afa628286a7d4fb39b80ba3a28225a87cde200f1fb727e19701758c07531fde349eefcf0cacee379add0b9b59

  • SSDEEP

    3072:keovXPoYcswp7Uclw3BwQaq9JIiSPYhFCout:DovQYjwpU8OB3aqvIbPYhFCoS

Malware Config

Targets

    • ModiLoader, DBatLoader

      ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.

    • UAC bypass

    • ModiLoader Second Stage

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified variant of it.

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v15

Tasks