General

  • Target

    8e943c4aa774abe72987569463cb7b67

  • Size

    632KB

  • Sample

    240204-je4t5acdh4

  • MD5

    8e943c4aa774abe72987569463cb7b67

  • SHA1

    8802bc0567399af8a04fb3f707237a083c786e3e

  • SHA256

    5d0a3a62112ca574a0d7cdae63c62b679438e2f2fa3253b8a9bb00e4e5a079c0

  • SHA512

    81c2948ab3d9069ec9e6e34d7fead99134b18d338b53158dc84771f4fd64084b8c1e934978f88ad1fa61055ca4dc0e88d72e140dcd7c9cc13a6a46fe065d4561

  • SSDEEP

    12288:DNqr45ffB2ldA9BPl7YYQ483nJrp78bwT0L8RwMfk/Ty97+W9u654BlAcJX4/OkG:DJfg417Yr483Jr+bwTsMfkT07+WAfJXF

Score
10/10

Malware Config

Targets

    • ModiLoader, DBatLoader

      ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.

    • ModiLoader Second Stage

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks