modiloader | 9e71a6530483e6eed4fd4f01476d6d58656c9f0d15b32f9f6200ba9c491ebbba | Triage

Sharing

General

Target

31c2041da9e2ddbb1b4b66e5267e48d9_JaffaCakes118
Size

1.3MB
Sample

240511-ahvwyscf96
MD5

31c2041da9e2ddbb1b4b66e5267e48d9
SHA1

6534643f2f7f167c85f5a00840ae54ef2d38d875
SHA256

9e71a6530483e6eed4fd4f01476d6d58656c9f0d15b32f9f6200ba9c491ebbba
SHA512

ca844617f47a260cea5edc48bfb6da8cab82edd2f53799df8b78630c1153edf92a8aa78b1b1401ca5a5dfdb02497d80ecc3f378cac1e1164d134a3246390fb23
SSDEEP

24576:QZVIahvx56N9zVFoKZUNZQ3VhOq+KnGYKweUAVNU5DRn+Rb7q8REvu0yDZJJ6FhB:yNouKZiCMYEUAHU5B+17q8I8D56Fhvp

Score

10^/10

modiloader trojan

Malware Config

Targets

- Target
  
  SpeedFan/soft2cn．com汉化说明.exe
- Size
  
  167KB
- MD5
  
  d5a0206baa760324e88f6a73012dfe86
- SHA1
  
  427f60070836dbf394e56e058d54394603b64e84
- SHA256
  
  b9e169dadb66528aac98472afe7191c9307ff6fbff11b19dc980bcbb594a7168
- SHA512
  
  ef7ad60b4ed7ab636389d0e2c06b1ada118da6f4b21abe6d0e4bdc677f833cb279a033b8a0df5659b8f72531a02c45cc7fcea815f8d12450d41ab03b0cdfdc46
- SSDEEP
  
  3072:6uf1iBdcYXYdbLXW/O4WLJoPfxCtvLqwVflDPd/qdH:rswr4OJonQxLqwplD
Score

1^/10
behavioral1 behavioral2
- Target
  
  SpeedFan/speedfan.exe
- Size
  
  1.2MB
- MD5
  
  3321f21e5e7924176540345310a30ca7
- SHA1
  
  f33ade66c98c6e39bb244d91a6ddd2cd4e97e658
- SHA256
  
  62cc5544e1755dbda59e79fa45288ce6d0714947c1f3443207dfb0862dd2272f
- SHA512
  
  a3ff33ad243235ef2dcfc8b6ceeb78fc5d2f6efebb70f01ba37b20b4edf3c820a5e744f84ff594010087a4862535c181e126f170b20ef16f18dda794547b762b
- SSDEEP
  
  24576:NNq6/bXn6TSrs0WUgRpq9unik1hVi5l+/MZOWsZPxWdb6DQmX+VTzP:NNDjX6dLpC21hk5A/MHg0mud
Score

10^/10

modiloader trojan
- ModiLoader, DBatLoader
  ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
  trojan modiloader
- ModiLoader First Stage
- Loads dropped DLL
behavioral3 behavioral4

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

behavioral3

modiloadertrojan

behavioral4

modiloadertrojan