modiloader | dac1d00c4e6d2c0f2e95921cadf8c7f8bee22b8d9d5220eb4ca9a688a8e5cb9c | Triage

Sharing

General

Target

faf57cedbd6fa0ad31b35b28ddc51bac_JaffaCakes118
Size

2.0MB
Sample

240927-1mq2nstcpa
MD5

faf57cedbd6fa0ad31b35b28ddc51bac
SHA1

0201b9e544e4ebd88f75a3a27fffb95af182aa8d
SHA256

dac1d00c4e6d2c0f2e95921cadf8c7f8bee22b8d9d5220eb4ca9a688a8e5cb9c
SHA512

5cc3eddfefe191ba534646f829aab79ea0e80ddb8bb6e191a6c6c7c212c81b8710a98fa51b4a84e02ede7ce923de8c59fa48cecdef576c488aafc4fdb3597fc2
SSDEEP

49152:11IfK1lFRqzo+wj8Tuavtog+j+bNES8nNjYTnBK2JpVM4tLS+iGX1FsxIwG:1J1nRqaATu8tog+j0V8Nj4MSpq4tB2Ir

Score

10^/10

modiloader aspackv2 discovery trojan

Malware Config

Targets

- Target
  
  cyhxwaigua/cyhxwaigua.exe
- Size
  
  2.0MB
- MD5
  
  d7b7606e8807a47971e315b8d8fca581
- SHA1
  
  13cc9e0413052765b22308f7f9dfc2e4e4ed0a67
- SHA256
  
  2936c92eb9b329642577d711f0e77703fc352e9169adcdcd9586c2e9e57c8191
- SHA512
  
  d2bfafcda2e5cdcf36fb8334aed5283c03bee921a13fc485020e57e4a22ada6b7647142d9221b9f1f5bdb11ceb2a9285405338b8170a131529e58cd091c58f93
- SSDEEP
  
  49152:WtOX84y9eBdQ2CD5XHUNh1irBHXUWrOgSli0bk:WtOwwXMENTiVk31b
Score

10^/10

modiloader discovery trojan
- ModiLoader, DBatLoader
  ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
  trojan modiloader
- ModiLoader Second Stage
behavioral1 behavioral2
- Target
  
  cyhxwaigua/必看说明.htm
- Size
  
  5KB
- MD5
  
  4c5a1df62d9fa491906f01105da24648
- SHA1
  
  489883df69e9e78f7fd3ea4909716410495f3020
- SHA256
  
  4d61d970fa30d1e7465275a002d020e3cc4659f73c968e235ef703c85c14a4d0
- SHA512
  
  e159d47e08470ac0ecc38d1974fe84433c4a1b3c74a7e447afc00ec1eaf49c5a5341999fdac87ab70de5ede9729587c0c44d9dba5a60b7158e05e8e3aa469ecb
- SSDEEP
  
  96:eugWlXZktTuDndkYWuokAbVXHISaQN1exgemaQNA5FaQNGmaQNNgA:e3iXFDzeXdxfx2Fx9xP
Score

3^/10

discovery
behavioral3 behavioral4
- Target
  
  cyhxwaigua/河源下载站.url
- Size
  
  110B
- MD5
  
  87d5540eb47b60f225cc6d5e9ec5d3b5
- SHA1
  
  bb87c8cd2721eed95ed96cfed3c23a71dd636743
- SHA256
  
  7503e8e9530726e8934149fb2afc1a9638d8a4727cc05c6bed1c1b1539dc43fa
- SHA512
  
  ed81acc65c042f99ed20b511a755606e13619ddbd7e05125ecbcf5342ac9239329184d8b1b45d47ee4fc0ef4c62e06b2bd806b73f0f5c852173798e76d23a951
Score

1^/10
behavioral5 behavioral6

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Browser Information Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

modiloaderdiscoverytrojan

behavioral2

modiloaderdiscoverytrojan

behavioral3

behavioral4

behavioral5

behavioral6