modiloader | 20e9891c9e355b036d6f530446f6e5811fd7db4b58ab1ecdf120653045be6602 | Triage

Sharing

General

Target

d137492ae478e5ff6bd5a69d8f93cb89_JaffaCakes118
Size

2.5MB
Sample

240907-gjedxsyama
MD5

d137492ae478e5ff6bd5a69d8f93cb89
SHA1

25f83ae6bcb66fb434f7075395c1fc9465c1ecae
SHA256

20e9891c9e355b036d6f530446f6e5811fd7db4b58ab1ecdf120653045be6602
SHA512

80b5c3eeed7c061f0de9bf64e3a9725b31dcfd6a08d430c66a1e2bf3ab6b65c3983d9d5f86638a65e34eb01581f160a1605b470f423ea92a9843ab8b49d934e3
SSDEEP

49152:62f47NCVXebn7TFhrI9FRaPmpf8bRg+dtWDvxcQy+BjlK10Xfx/uXd31388MA0Ek:xf4ZoM75dI9mPm57+dtQvxfBBjV4XJ1W

Score

10^/10

modiloader discovery trojan

Malware Config

Targets

- Target
  
  Easy GIF Animator 3.5.exe
- Size
  
  2.0MB
- MD5
  
  d818076bd3e0b6c24ed8490ea0e5068b
- SHA1
  
  c861984bcdef89a0f415aa672bed9a2f1cc8d021
- SHA256
  
  151515d530ae4fc93de06d8d39ac023e8f01dee847a727e2b0baeebd48f8c66b
- SHA512
  
  131252c48675b9b7172679bfa0e13b03bcf52f60a818459b829a0507bf893c7879dadc71de08dc8f8b7e0707a964e8fb14850e65c2a0bd34692ccc73cd5e4cbe
- SSDEEP
  
  49152:9koyjhMlxWG+qVH37lFtMLhpj/V33qRposbp9PnhsFSpDdcLHCWnFTnhX:9koOhlG+oH3/tMLDjoqsnmF8aRhX
Score

7^/10

discovery
- Loads dropped DLL
behavioral1 behavioral2
- Target
  
  crack/gifan.exe
- Size
  
  621KB
- MD5
  
  1861c3dbf4d9557635f63c8d896d15bf
- SHA1
  
  5939f1c118b40f57a301ad7c3ca5183f03f11783
- SHA256
  
  5da37ec64e49dca9b98628e8712b51b7b93f46850fe33558b5867550f12d2330
- SHA512
  
  a0f41dc28ebd50a2fe4cfa4164d029e92d0524519ee2dd1364340c986d21a2f8ed79a1838b121a6cdab5c32aa450052684ca9fd9fa090aa8036220dfa98f3f07
- SSDEEP
  
  12288:XERO/69cN0jtJjzsKb6qNfOUoTEpmf/s9texbLTeLjSYHa4G:XC9cGjjVNmdTEpm3gtexbLTfYHK
Score

10^/10

modiloader discovery trojan
- ModiLoader, DBatLoader
  ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
  trojan modiloader
- ModiLoader First Stage
behavioral3 behavioral4

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

modiloaderdiscoverytrojan

behavioral4

modiloaderdiscoverytrojan