Overview

overview

10

Static

static

1

TransportL...96.rtf

windows7-x64

10

TransportL...96.rtf

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

General

  • Target

    TransportLabel_9694124096.doc

  • Size

    5KB

  • Sample

    240328-vsye2sbe4y

  • MD5

    820f3913de8814f2a00f815a75c47993

  • SHA1

    82fec4f8cfcd6a3ce48c1179408b1c5fbd260c1c

  • SHA256

    0243f967c58a60d667cfc864c7685254ad4ae230bcc9f9f399ec3b67bd5674e2

  • SHA512

    eabaaea8032a45d16ab3b211adb84e6b4db93a564683d1f346355ca7389d9f9cdabd53cf09ecb087575975044f90eb128d6f6c94b489f039ee60c95027969013

  • SSDEEP

    96:ua0ll/ptlmewFVvnkpWuzUcHNq9+Uf+jbN1XGEIB+hRg7PvhM9g8m:uB/ptlm1qWuzvta+UeS+hRgLvhM9g8m

Score
10/10
modiloadertrojan

Malware Config

Targets

    • Target

      TransportLabel_9694124096.doc

    • Size

      5KB

    • MD5

      820f3913de8814f2a00f815a75c47993

    • SHA1

      82fec4f8cfcd6a3ce48c1179408b1c5fbd260c1c

    • SHA256

      0243f967c58a60d667cfc864c7685254ad4ae230bcc9f9f399ec3b67bd5674e2

    • SHA512

      eabaaea8032a45d16ab3b211adb84e6b4db93a564683d1f346355ca7389d9f9cdabd53cf09ecb087575975044f90eb128d6f6c94b489f039ee60c95027969013

    • SSDEEP

      96:ua0ll/ptlmewFVvnkpWuzUcHNq9+Uf+jbN1XGEIB+hRg7PvhM9g8m:uB/ptlm1qWuzvta+UeS+hRgLvhM9g8m

    Score
    10/10
    modiloadertrojan

    • ModiLoader, DBatLoader

      ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.

      trojanmodiloader

    • ModiLoader Second Stage

    • Blocklisted process makes network request

    • Downloads MZ/PE file

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks