Overview

overview

10

Static

static

3

USD470900_...DF.exe

windows7-x64

10

USD470900_...DF.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    USD470900_COPY_800BLHSBC882001_NOV202024.PDF.exe

  • Size

    1.2MB

  • Sample

    241120-hm325atjat

  • MD5

    ebe5a96709677657f7453439acba8bf7

  • SHA1

    97825cfd9726418b1f7ccdd81420791a809302f1

  • SHA256

    a9af5ddefd9b20204fab81b9bcda19ba06d32f010708c06d2d7de62773720ef8

  • SHA512

    fad70c63946f0e0e4c53ba7ed7ab60baee9b944dd8db3d4d3f40ae423a05e5c8b9ac849942117f5b9c394816d84acce891363c358e1f249f8702db105a9430ce

  • SSDEEP

    24576:Ien4s+Jv82wO5m5jAyTgz1Camim9U/ZxvneUy6/1D+TzxF1Ye:IG+cc5z1CadUUXtSTr

Score
10/10
modiloaderdiscoverypersistencetrojan

Malware Config

Targets

    • Target

      USD470900_COPY_800BLHSBC882001_NOV202024.PDF.exe

    • Size

      1.2MB

    • MD5

      ebe5a96709677657f7453439acba8bf7

    • SHA1

      97825cfd9726418b1f7ccdd81420791a809302f1

    • SHA256

      a9af5ddefd9b20204fab81b9bcda19ba06d32f010708c06d2d7de62773720ef8

    • SHA512

      fad70c63946f0e0e4c53ba7ed7ab60baee9b944dd8db3d4d3f40ae423a05e5c8b9ac849942117f5b9c394816d84acce891363c358e1f249f8702db105a9430ce

    • SSDEEP

      24576:Ien4s+Jv82wO5m5jAyTgz1Camim9U/ZxvneUy6/1D+TzxF1Ye:IG+cc5z1CadUUXtSTr

    Score
    10/10
    modiloaderdiscoverypersistencetrojan

    • ModiLoader, DBatLoader

      ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.

      trojanmodiloader

    • Modiloader family

      modiloader

    • ModiLoader Second Stage

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks