Overview

overview

10

Static

static

1

4dde5e18-6...a6.eml

windows7-x64

10

4dde5e18-6...a6.eml

windows10-2004-x64

3

PO BQ87574746.gz

windows7-x64

3

PO BQ87574746.gz

windows10-2004-x64

3

email-html-1.html

windows7-x64

3

email-html-1.html

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    4dde5e18-6e34-1b34-eaa0-079990e458a6.eml

  • Size

    967KB

  • Sample

    240911-pkjzsszekj

  • MD5

    f63ac0612acff6b62831f2cbe05a745b

  • SHA1

    f3ed7e7b086968230215025a03aa917706618cd2

  • SHA256

    01f7a3f82659bdaeb7a73cc3e89d4e5811cfdfea310ebf0046ed8941528af012

  • SHA512

    9448681f18f2688092c375a0a374d2eedbb769f781f4b117284e7d8b71122c7bc0cb885b83ecf7ef085196b2f67a2e6b8ae79b448f3bef11fbcc265544a5df0a

  • SSDEEP

    24576:3Xgjow3XdMAOGoJHHCu9I0AeMkq1qE+D/DIPFYIcySSgVya:3Xm3O53L5E+DcSSq

Score
10/10
modiloaderdiscoverytrojan

Malware Config

Targets

    • Target

      4dde5e18-6e34-1b34-eaa0-079990e458a6.eml

    • Size

      967KB

    • MD5

      f63ac0612acff6b62831f2cbe05a745b

    • SHA1

      f3ed7e7b086968230215025a03aa917706618cd2

    • SHA256

      01f7a3f82659bdaeb7a73cc3e89d4e5811cfdfea310ebf0046ed8941528af012

    • SHA512

      9448681f18f2688092c375a0a374d2eedbb769f781f4b117284e7d8b71122c7bc0cb885b83ecf7ef085196b2f67a2e6b8ae79b448f3bef11fbcc265544a5df0a

    • SSDEEP

      24576:3Xgjow3XdMAOGoJHHCu9I0AeMkq1qE+D/DIPFYIcySSgVya:3Xm3O53L5E+DcSSq

    Score
    10/10
    modiloaderdiscoverytrojan

    • ModiLoader, DBatLoader

      ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.

      trojanmodiloader

    • ModiLoader Second Stage

    • Executes dropped EXE

    • Legitimate hosting services abused for malware hosting/C2

    • Drops file in System32 directory

    behavioral1behavioral2

    • Target

      PO BQ87574746.GZ

    • Size

      691KB

    • MD5

      517158b1ede9e665f1dcc335b21a70a7

    • SHA1

      b22b48ea6962fbe9aad860d88f745b7f6b9a58a4

    • SHA256

      71dd2b89c1fda9ae7aa0ab2e7d44c1df68de978125a4b39a7872f34e70afe21e

    • SHA512

      f38b1d01922db606bd532793afa6b1349c41ab502c68e658692913024e4e72cf37d8007dd027816a29715ec41b2601eaf23ecc52b068b08d3924f2fffbf7508d

    • SSDEEP

      12288:xofUtYhMu5dA/Urfhr6jMlIPihtt6L3/kFN/esmLe0mgMHVRoei4j:xGUMCOrpCibEj/Je0uH72M

    Score
    3/10
    discovery
    behavioral3behavioral4

    • Target

      email-html-1.txt

    • Size

      13KB

    • MD5

      08a38653ce505102f087844f1fff242e

    • SHA1

      c37748ad6f51eb2335c09aeb0827b56bd69d62f3

    • SHA256

      c59bd2b019bfc0d66cc7689bca76244f3412183b38e9021256f17b4c1b0874a9

    • SHA512

      0a6c3f51560c8ee2ff9f9ab5104dc1c3aa4bd898f479b2ed65955a201bcce2d2e51dd83840e3f304b60f9afa29def4a50ef277c3219c7ecbfe7bb7f438a17347

    • SSDEEP

      96:p5P1snL+00NvW5u+CRoQbKzNHKKJBsNnuQyoIVXpzJkuFzN9jT59OxJ1snL+00Nh:ex2PUx2Sx2Bx23Bx2QGx2nBx275qeXJv

    Score
    3/10
    discovery
    behavioral5behavioral6

MITRE ATT&CK Enterprise v15

Tasks