Overview

overview

10

Static

static

3

RFQ-BIOTEC...24.exe

windows7-x64

10

RFQ-BIOTEC...24.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    26112024_1545_26112024_RFQ-BIOTEC_002728-NOV2024.tar.gz

  • Size

    755KB

  • Sample

    241126-s7btgstpbn

  • MD5

    948bd4d1c43595c66968298936bb0166

  • SHA1

    1b1f675dd7f11726e15ddf066e13c874afb63f96

  • SHA256

    8cac227e3b4fb0544ef593f8a38ea654e7b8b3b684cf1c91f55555121d371de1

  • SHA512

    3dd7f70ad3ff052810a5ba06bee52f643566706f6d34398b6a253b8c2189b9760a7faa38cae1a1e5efb379bc842aa34633346c68ca0f922cfef1b9d5552662b6

  • SSDEEP

    12288:oSYeO+9peJF6F2us2Kw7v5OORPZE4hx6sU/CCE0KntSMFimYdsYrvqqMGrWneCbA:od09oJF6F2usTwT53vBM1/CLFntSGhYl

Score
10/10
modiloaderdiscoverytrojan

Malware Config

Targets

    • Target

      RFQ-BIOTEC_002728-NOV2024.exe

    • Size

      1.3MB

    • MD5

      79ace15018985ca7eca866bc1ba75450

    • SHA1

      8398ecad208ffceb7a7d7f05effb062aee0575a2

    • SHA256

      d9a741f56d074d634b03d575c2146fd18eccdaa91a12b694b1a74c603e3d73ba

    • SHA512

      392dfdd81132b3ff6e71910038fbdce13163f1d87bfbbc5d88c2ce8af3113dfd57d4db24f314ee43c99ae0533ef22a1ab22c13445e0befb366ba28238282d136

    • SSDEEP

      24576:UxxWMyBNKhfrnjjyal3sTcueSG3YH4fPFLb62+bJb7xtP:WLMulhBFLb67VxtP

    Score
    10/10
    modiloaderdiscoverytrojan

    • ModiLoader, DBatLoader

      ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.

      trojanmodiloader

    • Modiloader family

      modiloader

    • ModiLoader Second Stage

    • Executes dropped EXE

    • Loads dropped DLL

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks