modiloader | 9fcc0c32fb144d2c854a6ff23b92f9e9e492a16e4bfc5045e2c95798277ba0f8 | Triage

Sharing

General

Target

d620a1f00d9566e9c338701ad9f196e9_JaffaCakes118
Size

362KB
Sample

240909-mhntvstajm
MD5

d620a1f00d9566e9c338701ad9f196e9
SHA1

b44b2e1213a658d591f0fd05e4d39fce1e4fefe1
SHA256

9fcc0c32fb144d2c854a6ff23b92f9e9e492a16e4bfc5045e2c95798277ba0f8
SHA512

0326506adde7ba295af3be4946ee732ecebf53d86df6a0194ab6cd728285ebd8c593b20bfa61eaaf874e532a224f1eb313146a09e03acf88922cf73cafe0d7cb
SSDEEP

6144:W0IDwZx/dg/xhqX6aPqMJ5p1MhQ9fpEc3XOVnn7KiCUdd4rnDV/9r2sXZv3:FIDw8hiqMJTesEc3Onn7LFdiXDr3Xd3

Score

10^/10

modiloader discovery trojan

Malware Config

Targets

- Target
  
  d620a1f00d9566e9c338701ad9f196e9_JaffaCakes118
- Size
  
  362KB
- MD5
  
  d620a1f00d9566e9c338701ad9f196e9
- SHA1
  
  b44b2e1213a658d591f0fd05e4d39fce1e4fefe1
- SHA256
  
  9fcc0c32fb144d2c854a6ff23b92f9e9e492a16e4bfc5045e2c95798277ba0f8
- SHA512
  
  0326506adde7ba295af3be4946ee732ecebf53d86df6a0194ab6cd728285ebd8c593b20bfa61eaaf874e532a224f1eb313146a09e03acf88922cf73cafe0d7cb
- SSDEEP
  
  6144:W0IDwZx/dg/xhqX6aPqMJ5p1MhQ9fpEc3XOVnn7KiCUdd4rnDV/9r2sXZv3:FIDw8hiqMJTesEc3Onn7LFdiXDr3Xd3
Score

10^/10

modiloader discovery trojan
- ModiLoader, DBatLoader
  ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
  trojan modiloader
- ModiLoader Second Stage
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

modiloaderdiscoverytrojan

behavioral2