Overview

overview

10

Static

static

1

02_xyc6huq...u3.rar

windows7-x64

3

02_xyc6huq...u3.rar

windows10-1703-x64

3

02_xyc6huq...u3.rar

windows10-2004-x64

3

02_xyc6huq...u3.rar

windows11-21h2-x64

3

URGENTE_NO...ON.cmd

windows7-x64

10

URGENTE_NO...ON.cmd

windows10-1703-x64

10

URGENTE_NO...ON.cmd

windows10-2004-x64

10

URGENTE_NO...ON.cmd

windows11-21h2-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    02_xyc6huqzuj0jtsmevswrmw8cd25yqku3.tar

  • Size

    4.3MB

  • Sample

    240424-p37tksac29

  • MD5

    b7564a9b1aac20457e2d1a33a6b412bc

  • SHA1

    9f3059dd7f3c598194827b15b769bbf685ccaa07

  • SHA256

    ace733fd929688fb9cba1a8ecfb05db47c214694a9a993650bd022ab869a9c8a

  • SHA512

    4e97416424aa4508d2da7797259d3dc17d7442af41b52f571e92682d75b163aa30a5511631e89164bb705dae1f57e03710b0fe3a6bb17586b5b3ceaa7a033521

  • SSDEEP

    49152:TEi0F7JFavH5JDy0oqMaKcCln2UE+ESPTcexrEPdOgSlxHgamuc6slJ:x

Score
10/10
modiloadertrojan

Malware Config

Targets

    • Target

      02_xyc6huqzuj0jtsmevswrmw8cd25yqku3.tar

    • Size

      4.3MB

    • MD5

      b7564a9b1aac20457e2d1a33a6b412bc

    • SHA1

      9f3059dd7f3c598194827b15b769bbf685ccaa07

    • SHA256

      ace733fd929688fb9cba1a8ecfb05db47c214694a9a993650bd022ab869a9c8a

    • SHA512

      4e97416424aa4508d2da7797259d3dc17d7442af41b52f571e92682d75b163aa30a5511631e89164bb705dae1f57e03710b0fe3a6bb17586b5b3ceaa7a033521

    • SSDEEP

      49152:TEi0F7JFavH5JDy0oqMaKcCln2UE+ESPTcexrEPdOgSlxHgamuc6slJ:x

    Score
    3/10
    behavioral1behavioral2behavioral3behavioral4

    • Target

      URGENTE_NOTIFICATION.cmd

    • Size

      4.3MB

    • MD5

      10dfd3dccfeaeb1e19e586e5d89ef1c6

    • SHA1

      af3aa6b4249a27778de9e8b2fc2ee6badb0e299a

    • SHA256

      f81c9ad169f7dcfa4545eab3552115156d7923957c1cffc4809a574209599e3c

    • SHA512

      f8b3d6cc712792f1fa567ecf730809c4b49241e6b5fb31961bf8643a2b7a0af3635672cee0d2ac8e02312c1727ec3c01abb7e35ce49a831865d6a16b66b5ce7e

    • SSDEEP

      49152:EEi0F7JFavH5JDy0oqMaKcCln2UE+ESPTcexrEPdOgSlxHgamuc6slj:e

    Score
    10/10
    modiloadertrojan

    • ModiLoader, DBatLoader

      ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.

      trojanmodiloader

    • ModiLoader Second Stage

    • Executes dropped EXE

    • Loads dropped DLL

    • Legitimate hosting services abused for malware hosting/C2

    behavioral5behavioral6behavioral7behavioral8

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Web Service

1
T1102

Impact

Resource Development

Reconnaissance

Tasks