General

  • Target

    2a51c7228ac7bffae312e3ddc2e4bd30_NeikiAnalytics

  • Size

    93KB

  • Sample

    240510-aksjlsaf84

  • MD5

    2a51c7228ac7bffae312e3ddc2e4bd30

  • SHA1

    7557b34ed4efd62eac785fa338bbbb8a27471953

  • SHA256

    ef5c701f146d3240bb634ff75c17d678d0a253357496d3d1172bb202e97e76a4

  • SHA512

    ad7d6cc9e616082ed2a0db664cbd75b15fdfc10b7e4d75e3a7eef2066aeac1f48323a61fda2299d1399be3c446ac3aa2842bff7c29a11032fa2fa3de1f7faaea

  • SSDEEP

    1536:mfg5XeWVhKqPaolHLzK83peDnhTpyLMjO:55XRhKqPaogbDnxMx

Malware Config

Targets

    • ModiLoader, DBatLoader

      ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.

    • Modifies WinLogon for persistence

    • ModiLoader Second Stage

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks