Overview

overview

10

Static

static

3

0a5fe8fa4c...dN.exe

windows7-x64

10

0a5fe8fa4c...dN.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    0a5fe8fa4cfc78fb97f1445c14aa4f5f3e2067bae2379f7a415a48bb55aa838dN

  • Size

    1.0MB

  • Sample

    240920-psxkvswglb

  • MD5

    6ac7ad30b34c09069dcbbf914894f350

  • SHA1

    f84bbbd747cd145ef09b02ae975ec8450a67d516

  • SHA256

    0a5fe8fa4cfc78fb97f1445c14aa4f5f3e2067bae2379f7a415a48bb55aa838d

  • SHA512

    9eaf1d1522dafcd8e346a68c8715086b34791c630776841faa4835f66af1b28eb772f00bef6cf40abc09fbb43a996b711a7778d380921ab56be1a7af5c40fe0b

  • SSDEEP

    24576:dEQiP5m51kWPYQLd5bQRM1a8DFW46dF1imLD9:da2zYkI8DFKn1imLp

Score
10/10
modiloaderdiscoverypersistencetrojan

Malware Config

Targets

    • Target

      0a5fe8fa4cfc78fb97f1445c14aa4f5f3e2067bae2379f7a415a48bb55aa838dN

    • Size

      1.0MB

    • MD5

      6ac7ad30b34c09069dcbbf914894f350

    • SHA1

      f84bbbd747cd145ef09b02ae975ec8450a67d516

    • SHA256

      0a5fe8fa4cfc78fb97f1445c14aa4f5f3e2067bae2379f7a415a48bb55aa838d

    • SHA512

      9eaf1d1522dafcd8e346a68c8715086b34791c630776841faa4835f66af1b28eb772f00bef6cf40abc09fbb43a996b711a7778d380921ab56be1a7af5c40fe0b

    • SSDEEP

      24576:dEQiP5m51kWPYQLd5bQRM1a8DFW46dF1imLD9:da2zYkI8DFKn1imLp

    Score
    10/10
    modiloaderdiscoverytrojanpersistence

    • ModiLoader, DBatLoader

      ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.

      trojanmodiloader

    • ModiLoader Second Stage

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks