modiloader | 5d1c0636a40ee1165111ab7d16c9cc9268e798e052aef4110a0d2a1ed542e675 | Triage

Sharing

General

Target

f3f9f60d92faf2b5b3e1485aa5e4c0e3_JaffaCakes118
Size

7.4MB
Sample

240924-s61q8a1fqk
MD5

f3f9f60d92faf2b5b3e1485aa5e4c0e3
SHA1

769e0c1a03a2a97781d48e1c1fed5f5b94e7dd50
SHA256

5d1c0636a40ee1165111ab7d16c9cc9268e798e052aef4110a0d2a1ed542e675
SHA512

b8a6f6dfcca47ad5633d3fa8107807b8c49897e9640e9441ce18c6832efa8717ff9d6e725a58ab4b7fc3f4cb16c51b479bd1bc7d0327d0e95ffb1af9047ad350
SSDEEP

196608:VSAbOFmZIxoL6EiNLs/BKRZqRpBVZAg3i4c4uCwILZ5PO1:jOFO0yBKKbvf3vc4uKPU

Score

10^/10

modiloader aspackv2 discovery trojan

Malware Config

Targets

- Target
  
  研究生教务管理系统改进版 v2.2/setup.exe
- Size
  
  7.0MB
- MD5
  
  4783feeaea29e55ca7fef38f11919a61
- SHA1
  
  ba242414da3716b099f468a0a3af16394ebd4a97
- SHA256
  
  544e186a5b8df125a9db59fe8f5b1d0c688d6802f38128d3b3c8512d24d332c0
- SHA512
  
  fb16cdaf8a27f77508755a751dfa607bcf213da2d4a1dbc1c272a9329eaeba3e6cc011208ae501b80b68e217c7360e60d0e05a3c790458c15bd9f6dfd0b8ae92
- SSDEEP
  
  196608:K1KhqJka6oPZfHCUUnZxlIji9dxNzSrhFzxzROa2A:HoPpKIG9dHuhVx9
Score

10^/10

modiloader discovery trojan
- ModiLoader, DBatLoader
  ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
  trojan modiloader
- ModiLoader First Stage
behavioral1 behavioral2
- Target
  
  研究生教务管理系统改进版 v2.2/安装说明.doc
- Size
  
  432KB
- MD5
  
  6dc0a4f898a9645f4ff234c03f96b3cd
- SHA1
  
  d148051d53cdb7d415f452ea0ba01a470a54f9d1
- SHA256
  
  88decc25c4155c3e3ef9f2786cf23042f98b263e91f464dde93d57c17121ee74
- SHA512
  
  23c7f2b3969b77fc636a0db1ca4f08ec27fa789c68e50fe79d140caa56144e55ae601ba70ba0af776d1af1a8f8bb7aa32f1db0df7b4044162e56473d020369c3
- SSDEEP
  
  6144:HNkpwTSyioz29+NiEZPNAGVOJ7xz9cY58b/DEMECvTbRd3UbyPxfbT7Os2ftC01c:HNkpmvNiEZ+GVOcWiDEMTLv0+dbfutC
Score

4^/10

discovery
behavioral3 behavioral4
- Target
  
  研究生教务管理系统改进版 v2.2/新云软件.url
- Size
  
  261B
- MD5
  
  af534adca72cbb40fcaba6adcf4aa0b3
- SHA1
  
  486f64259c45baf815004b6ffc65301e82aecdee
- SHA256
  
  1bbc2bfe53979f537c179995a1d1b5030db3ad6f2e46b258421506a3fb0fc296
- SHA512
  
  21d4b21c0d228498275640b397e8adfcb92dca4996cb59b035eeea523c5fd0594b0c8bc66d557265343bf6e7cb35350790fcac323db841c0cd4fea6da38b70b1
Score

1^/10
behavioral5 behavioral6

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

modiloaderdiscoverytrojan

behavioral2

modiloaderdiscoverytrojan

behavioral3

behavioral4

behavioral5

behavioral6