Overview

overview

10

Static

static

3

47197a222c...0N.exe

windows7-x64

10

47197a222c...0N.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    47197a222c8269da3e25248c0eb85020N.exe

  • Size

    183KB

  • Sample

    240906-zlg7psxbrm

  • MD5

    47197a222c8269da3e25248c0eb85020

  • SHA1

    2203c2aacdd4bb9e53a40cb11ea9c229395c850c

  • SHA256

    b5f9285e8d731f1be4c6587394cbc3d7e750ed11d2523b967e07dc6f7eee687c

  • SHA512

    7c299805338bfa5711d0c46602f7dc319880732f14b2a58f91436e83036e6753801b2cacfe0b3e7151510408ba38753895ae86357e21e9b5aea902b74d7af008

  • SSDEEP

    3072:la5bDM8UfVhLuQIReRCoT4o3SfLRrQY+jRSOnhRVE6B2mQ6Z:0M8UE8pqLuYoSahRV72YZ

Score
10/10
modiloaderdiscoverytrojan

Malware Config

Targets

    • Target

      47197a222c8269da3e25248c0eb85020N.exe

    • Size

      183KB

    • MD5

      47197a222c8269da3e25248c0eb85020

    • SHA1

      2203c2aacdd4bb9e53a40cb11ea9c229395c850c

    • SHA256

      b5f9285e8d731f1be4c6587394cbc3d7e750ed11d2523b967e07dc6f7eee687c

    • SHA512

      7c299805338bfa5711d0c46602f7dc319880732f14b2a58f91436e83036e6753801b2cacfe0b3e7151510408ba38753895ae86357e21e9b5aea902b74d7af008

    • SSDEEP

      3072:la5bDM8UfVhLuQIReRCoT4o3SfLRrQY+jRSOnhRVE6B2mQ6Z:0M8UE8pqLuYoSahRV72YZ

    Score
    10/10
    modiloaderdiscoverytrojan

    • ModiLoader, DBatLoader

      ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.

      trojanmodiloader

    • ModiLoader Second Stage

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks