Overview

overview

10

Static

static

3

5166f1f0d6...b1.exe

windows7-x64

10

5166f1f0d6...b1.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    5166f1f0d6693793e12932e324f36450126c907365ba4a9d45388831121bfcb1.exe

  • Size

    1.0MB

  • Sample

    241112-cswx4ssfmr

  • MD5

    ffd79398ecb6b74ae4e751157796870b

  • SHA1

    cedc86d9d511aa0b4ee0102cfcda83c7eb296afc

  • SHA256

    5166f1f0d6693793e12932e324f36450126c907365ba4a9d45388831121bfcb1

  • SHA512

    c732b704cc6f93272085442f939143a3afe91e93d3403905d83b7bebb4966a5c1d708832e1b89058f244c098fae91e99412ef7b7297a1321abbcbc37c7c4850a

  • SSDEEP

    24576:/GBqWzMJ3rInJFhR1T6a3p6ZFlR+gKT44VoIOL7zk:/CHncaEYL6L

Score
10/10
modiloaderdiscoverytrojan

Malware Config

Targets

    • Target

      5166f1f0d6693793e12932e324f36450126c907365ba4a9d45388831121bfcb1.exe

    • Size

      1.0MB

    • MD5

      ffd79398ecb6b74ae4e751157796870b

    • SHA1

      cedc86d9d511aa0b4ee0102cfcda83c7eb296afc

    • SHA256

      5166f1f0d6693793e12932e324f36450126c907365ba4a9d45388831121bfcb1

    • SHA512

      c732b704cc6f93272085442f939143a3afe91e93d3403905d83b7bebb4966a5c1d708832e1b89058f244c098fae91e99412ef7b7297a1321abbcbc37c7c4850a

    • SSDEEP

      24576:/GBqWzMJ3rInJFhR1T6a3p6ZFlR+gKT44VoIOL7zk:/CHncaEYL6L

    Score
    10/10
    modiloaderdiscoverytrojan

    • ModiLoader, DBatLoader

      ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.

      trojanmodiloader

    • Modiloader family

      modiloader

    • ModiLoader Second Stage

    • Executes dropped EXE

    • Loads dropped DLL

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks