General

  • Target

    8e01c07867ea9bc53ce7a998669c596a

  • Size

    70KB

  • Sample

    240204-c4h6dsfdg8

  • MD5

    8e01c07867ea9bc53ce7a998669c596a

  • SHA1

    4c6a67a2c597ff3b28be9f5bb4c2093a332f6b7f

  • SHA256

    21769e7c4bf766854588cf8086c14d5f28fd8796d39ab9056a9dabc0aa2dc83f

  • SHA512

    ccb31203bc5650c35431a3f2d8383be6134bd66293a576690af545bbb91ab4605549f0ce72923dbdff222175f989de3079116490b95c7e39133e1f7fbd006b47

  • SSDEEP

    768:dIpMZLNL8aaLiyktfkOgRyRj0VDgaeTKjQoaj8fXKSCquMH0GQuJIq5OpBl+gROU:hZLNLalDc6Kmsof1CquMH0GQ2OpBl+

Score
10/10

Malware Config

Targets

    Score
    10/10
    • ModiLoader, DBatLoader

      ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.

    • ModiLoader Second Stage

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks