modiloader | 8e57811ac7d4893a88d3b7a6700cc4a7c326c68782a4c5a7d63d512e887e85af | Triage

Sharing

Copy URL Twitter E-mail

General

Target

75c80c4359c9075fa591dcd05f9da43b_JaffaCakes118
Size

3.7MB
Sample

240726-z8k7wayeqb
MD5

75c80c4359c9075fa591dcd05f9da43b
SHA1

bce48c3cda8acdb2e1fc838d8fdc033f7f6b1df5
SHA256

8e57811ac7d4893a88d3b7a6700cc4a7c326c68782a4c5a7d63d512e887e85af
SHA512

c021492f934f7098789adc79d295249bb03f21f1c87aa1d7ed3b26eb13b46751bba3b086bac4e173ca042165208f56ff0d9e7e775b6771b84f585fc75d84ad8d
SSDEEP

98304:oR8zDz7By12MlEebjrYTLX42o++L8Nn2rZIO:/v8OeUP5oNeO

Score

10^/10

modiloader discovery trojan upx

Malware Config

Targets

- Target
  
  AdWare SpyWare SE/AdWare SpyWare SE.chm
- Size
  
  1.4MB
- MD5
  
  06f103e6502c42f83819ef2d9d3e6028
- SHA1
  
  8ea5dbfcf1da18d91648eec53fb35dfa0f125242
- SHA256
  
  e2fdbaff19a10c13f10f71a45943694e87f2bfd787ec4953cbb0e31b091c4809
- SHA512
  
  1aa7a7b7053eefa5dd9b9ff242f9e50d8151fbb5662fdce072e7ea6a26de3abd36c44bef5ce4283677f3890b18b4b81b3d189fd1f17e9237486032c545a3ed28
- SSDEEP
  
  24576:v01X0Z3UVHJTznBWOMrNBq16FCa/ucbS1tboMVUzz5Qzx1EF:viX0ZQHJToOiv2cuOS1GsUzezx+F
Score

1^/10
behavioral1 behavioral2
- Target
  
  AdWare SpyWare SE/AdWare SpyWare SE.exe
- Size
  
  930KB
- MD5
  
  e80e0c7ce69cf5169bcaf50e1a5295e0
- SHA1
  
  5073110f3e83ac33aa97267007c2da7f0a07e2b0
- SHA256
  
  3f8ff600480642c297ba5b90cc9235d779727a64aab6c62732edbb74dbe5309f
- SHA512
  
  9682ae2fc0a59e0529ef6f40a6f00dcbfd890ca4bfde7c7885b4006503e17a2afd506f28e7d586572a37512b9801db9938a539a75a4fec6799a287ae2b12e9c8
- SSDEEP
  
  24576:klKnZYHeDKlXj0agL/dh9DlFRsWjaBv03Sd1zzXO+6l:kwn0e+J4ph5ZaBBfIl
Score

10^/10

modiloader discovery trojan upx
- ModiLoader, DBatLoader
  ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
  trojan modiloader
- ModiLoader First Stage
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral3 behavioral4
- Target
  
  AdWare SpyWare SE/Instructions/Registry.htm
- Size
  
  16KB
- MD5
  
  f4eb651f17fb920ba6403b5efb16481b
- SHA1
  
  593da9f6a18fd7b7db8985ac4d1afa9dbbe8e5d8
- SHA256
  
  5cfa8fd2ce2403beefb2aaa1465ae86b3db485cb71828caba07cffb6869d7559
- SHA512
  
  3ceb8cc763266796e4730116ddaa7665a94835d87d2657b3722acf6e7d785b9ccff0694b25f92608669c47951825066a175d92b4a2cc3f269f3aa59f5703c0cc
- SSDEEP
  
  384:0h8TeT/58JigvJsmsDeiejeIegeVCjene3eFe5e9AeUde0e+eWeueuekegpe9FeK:88w58JiWJZQeiejeIegeVCjene3eFe5K
Score

3^/10

discovery
behavioral5 behavioral6
- Target
  
  AdWare SpyWare SE/unins000.exe
- Size
  
  657KB
- MD5
  
  77b0a42e0592c8b288d879eff4dd4019
- SHA1
  
  b8d85335f2e30de16d5e526aae9293d83c038e82
- SHA256
  
  030e764383e27073584c92b6e8bfe7832f6ef3ef810ca56b0a2c1d2ca71a8ab5
- SHA512
  
  63ed1f510b887065141f409588a3fd6edd394057e9f852af9516533120653c25d0ce0bef5508865ffeb255e9f410f63fdee366907688f4bc63a32c1dfb9f2dbb
- SSDEEP
  
  12288:CeuHnWgyrgVu4rPy37WzH0A6uaF4Ad7dNsVN1qRqhD1Yxpx:buHcrgVxrPy37WzH0A6uwpd7QN1DJYx3
Score

7^/10

discovery
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral7 behavioral8
- Target
  
  AdWare SpyWare SE/非常世纪资源网.url
- Size
  
  261B
- MD5
  
  7224ffb934111a8809741992c978930c
- SHA1
  
  b5f6b76e4e4ffdd4949a882bba0ccfccc2cc6281
- SHA256
  
  9f9d03e353424674de5a5bbbdbcdc2d02554eb6f50fa204de5ee4d5d6ec6b772
- SHA512
  
  5a4bcd91cc685ebeeb40964a5db0b95b0bab0de37cc2367ee5862bc4908a9be5144d82e39c8a4f539ac9ab6f6ffeae039ffa6bf65ba15105d390c81d999672cd
Score

1^/10
behavioral10 behavioral9

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Browser Information Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

modiloaderdiscoverytrojanupx

behavioral4

modiloaderdiscoverytrojanupx

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10