Overview

overview

10

Static

static

7

b99e2157e4...d1.exe

windows7-x64

10

b99e2157e4...d1.exe

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    b99e2157e415b68404142911826d9bd1

  • Size

    739KB

  • Sample

    240307-zk26gsed3t

  • MD5

    b99e2157e415b68404142911826d9bd1

  • SHA1

    6182a3dc3cc09655d1de367f4076af13e7bf9777

  • SHA256

    e91b3f0ddc4a0f795e6151cf6aec64c9350e0e35ebb58c6eabbf345fb32e3c7b

  • SHA512

    0ecfbe9beafd582763565a4f20907982b6c48eb4c4d803c275b7ff59e34399c001717429d9ec5422023685ef72046189f353957670a2c7ad9b5a95f0a8363eba

  • SSDEEP

    12288:d8jHAwPmc+P+UlxXJHHBK2ZMXR0l8M35F3Z4mxxQSeP+2PaLGs7LOv7:+fmlNJHw2ZMB0Oq5QmXQSoyw7

Score
10/10
modiloaderaspackv2trojan

Malware Config

Targets

    • Target

      b99e2157e415b68404142911826d9bd1

    • Size

      739KB

    • MD5

      b99e2157e415b68404142911826d9bd1

    • SHA1

      6182a3dc3cc09655d1de367f4076af13e7bf9777

    • SHA256

      e91b3f0ddc4a0f795e6151cf6aec64c9350e0e35ebb58c6eabbf345fb32e3c7b

    • SHA512

      0ecfbe9beafd582763565a4f20907982b6c48eb4c4d803c275b7ff59e34399c001717429d9ec5422023685ef72046189f353957670a2c7ad9b5a95f0a8363eba

    • SSDEEP

      12288:d8jHAwPmc+P+UlxXJHHBK2ZMXR0l8M35F3Z4mxxQSeP+2PaLGs7LOv7:+fmlNJHw2ZMB0Oq5QmXQSoyw7

    Score
    10/10
    modiloaderaspackv2trojan

    • ModiLoader, DBatLoader

      ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.

      trojanmodiloader

    • ModiLoader Second Stage

    • ASPack v2.12-2.42

      Detects executables packed with ASPack v2.12-2.42

      aspackv2

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks