General

  • Target

    New Order list attached.exe

  • Size

    1012KB

  • Sample

    241102-lfbk3s1gqa

  • MD5

    17f041d15072470c107ec60cee93db20

  • SHA1

    e276056aaf4bb87b787d7fc9ca726de14b2d0fc7

  • SHA256

    633742fac196513c5b068c3f341a586b28b2a1b2a13d985dfd90fc09a1f79709

  • SHA512

    7d3ceed18d6819f0ccdea9bb7d2524b3c64c706d950166434e5f22060648b3f4e6dc23958eebb1c7040479cc116b7e1e1c749e655e4148471d6b3f5881e48570

  • SSDEEP

    24576:FR3KFL16dEGX9nLVv2222AN22RLVgtaxkYPZcQW/6IkWR8:FML5rL8YPuQW

Malware Config

Targets

    • Target

      New Order list attached.exe

    • ModiLoader, DBatLoader

      ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.

    • Modiloader family

    • ModiLoader Second Stage

    • Legitimate hosting services abused for malware hosting/C2

MITRE ATT&CK Enterprise v15

Tasks