Overview

overview

10

Static

static

10

b8c479c8f4...0d.exe

windows7-x64

10

b8c479c8f4...0d.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    b8c479c8f43982f934d0239414add128c4cb94a8376cfd6150dc52c0395ad90d.exe

  • Size

    397KB

  • Sample

    241207-drpm3syqal

  • MD5

    be15731ec7cdca6019f9e37d5979d9b8

  • SHA1

    5d2ef63dfb98001b2323e8187dd7d15686e9984e

  • SHA256

    b8c479c8f43982f934d0239414add128c4cb94a8376cfd6150dc52c0395ad90d

  • SHA512

    0f32d93c6f2f9ee06b346be069734e57389759d5f237ab0790eb8a463efbd4dbb7e64bd42d7aca27959fcb9a9454783e5597eef089fa9632aa02527eb081072f

  • SSDEEP

    6144:cLy84u9nSO2GjZkD10BIY3rb1YfBdfpoZ3u/Ht52w6JSeiFPXoZP:I+u9nx2GjMY3XKfd/H/9PcP

Score
10/10
modiloaderdefense_evasiondiscoverypersistencetrojan

Malware Config

Targets

    • Target

      b8c479c8f43982f934d0239414add128c4cb94a8376cfd6150dc52c0395ad90d.exe

    • Size

      397KB

    • MD5

      be15731ec7cdca6019f9e37d5979d9b8

    • SHA1

      5d2ef63dfb98001b2323e8187dd7d15686e9984e

    • SHA256

      b8c479c8f43982f934d0239414add128c4cb94a8376cfd6150dc52c0395ad90d

    • SHA512

      0f32d93c6f2f9ee06b346be069734e57389759d5f237ab0790eb8a463efbd4dbb7e64bd42d7aca27959fcb9a9454783e5597eef089fa9632aa02527eb081072f

    • SSDEEP

      6144:cLy84u9nSO2GjZkD10BIY3rb1YfBdfpoZ3u/Ht52w6JSeiFPXoZP:I+u9nx2GjMY3XKfd/H/9PcP

    Score
    10/10
    modiloaderdefense_evasiondiscoverypersistencetrojan

    • ModiLoader, DBatLoader

      ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.

      trojanmodiloader

    • Modiloader family

      modiloader

    • ModiLoader Second Stage

    • Impair Defenses: Safe Mode Boot

      defense_evasion

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks