General

  • Target

    c9fa5ed936b3c7dde4c90b453c9bc95f08beb8d06af8e59dc02f4526b7fee017

  • Size

    922KB

  • Sample

    240614-ckzc9svgkn

  • MD5

    d6f648d2046bf63db2ea18c19c84750e

  • SHA1

    c01dffabea9454d9fc3bbf2d574e651dbd9c7331

  • SHA256

    c9fa5ed936b3c7dde4c90b453c9bc95f08beb8d06af8e59dc02f4526b7fee017

  • SHA512

    4721d0f87455a1985b78c8f5631860c5dc0cdc42ec98180f1dbb9ad410caed15299622b7186482709b428c17f2582fd65b16f05489a9d6dca2bf5fbe92cfea6f

  • SSDEEP

    24576:4ZOFqSJkI8JEpaOsnhKemMKeNhGgCqnThNV:4ZOFqSJ0s9ReswRJndP

Score
10/10

Malware Config

Targets

    • Target

      invoice_569685.cmd

    • Size

      3.2MB

    • MD5

      a44d0923af9248d5844169ae5e465b5d

    • SHA1

      9478acd0c7c630a51ec64a553a135a3f50d135bb

    • SHA256

      7d2e08e27b338c8a834d696def4ff2f541e6b19e4d550f42b5c5423fb455e56a

    • SHA512

      1035a085fb6c5f94347048433a5b2c78ff23ffff69bcca9114ad4f9e36ea048022652a8234f54912e5ee1c372c66dae6a5d4d4c60fdae2c1d3347abb7a3b2faf

    • SSDEEP

      49152:6oxyJptV+hMsrY2Dp1wrmaKY4L/A2v7380MG3LFQzPLDgV4R:K

    Score
    10/10

    • ModiLoader, DBatLoader

      ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.

    • ModiLoader Second Stage

    • Executes dropped EXE

    • Loads dropped DLL

    • Legitimate hosting services abused for malware hosting/C2

MITRE ATT&CK Matrix ATT&CK v13

Tasks