Overview

overview

10

Static

static

1

1840220197..._F.rtf

windows7-x64

10

1840220197..._F.rtf

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1840220197_0000223948__F.doc

  • Size

    13KB

  • Sample

    240319-llgdhshc2t

  • MD5

    1edcf5f787ca137fe762e46ec765e6ef

  • SHA1

    0a10051c51b6eba3f18f055229021920121636e5

  • SHA256

    1b7b82e7a0b9e281efd1e04e989e02b71ffda8b3e347e7da396f317d795f0bcf

  • SHA512

    69f79542131721468decf88ae8ed3a9858216791bb8dacbdead3c79dc02f83ea89620cf6386710d4a7835ecf0dde0b58b748d0e1b243a88cef36bc3293516bd2

  • SSDEEP

    384:TZ17c8JZFweYcPxugxmFEHNHuc8JCqVUrnyUyo8dfkA6PQMug+RZV:V17hJZSeVPxu7FEpN8JCqMy1okkAK7uj

Score
10/10
modiloadertrojan

Malware Config

Targets

    • Target

      1840220197_0000223948__F.doc

    • Size

      13KB

    • MD5

      1edcf5f787ca137fe762e46ec765e6ef

    • SHA1

      0a10051c51b6eba3f18f055229021920121636e5

    • SHA256

      1b7b82e7a0b9e281efd1e04e989e02b71ffda8b3e347e7da396f317d795f0bcf

    • SHA512

      69f79542131721468decf88ae8ed3a9858216791bb8dacbdead3c79dc02f83ea89620cf6386710d4a7835ecf0dde0b58b748d0e1b243a88cef36bc3293516bd2

    • SSDEEP

      384:TZ17c8JZFweYcPxugxmFEHNHuc8JCqVUrnyUyo8dfkA6PQMug+RZV:V17hJZSeVPxu7FEpN8JCqMy1okkAK7uj

    Score
    10/10
    modiloadertrojan

    • ModiLoader, DBatLoader

      ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.

      trojanmodiloader

    • ModiLoader Second Stage

    • Blocklisted process makes network request

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks