General

  • Target

    aa9e873e603834eb71ab070667b0efa18a01088f3752cfd496568971928804ac

  • Size

    481KB

  • Sample

    241211-cyynws1qgz

  • MD5

    dbbc479bc4e24a676bdbf2176e47e80e

  • SHA1

    d261fb93dd25221a7e8e84a3787ecf7f5fc84816

  • SHA256

    aa9e873e603834eb71ab070667b0efa18a01088f3752cfd496568971928804ac

  • SHA512

    2a107f9b17c086ad1df474129afba7652f525e03e4e382dabbe1251cce8e72ccebf8d0555d4cb37ff04fdd774c7e1fc0af9317da9d119d6d040d0c553c703ee9

  • SSDEEP

    12288:X+CL63PoVmLamC54ycpsKVWHYIS3O6/FeN7mNtTird:XJL6/nBCG/pvV+SV/FeNmTEd

Malware Config

Targets

    • Target

      aa9e873e603834eb71ab070667b0efa18a01088f3752cfd496568971928804ac

    • ModiLoader, DBatLoader

      ModiLoader (also tracked as DBatLoader) is a loader written in Delphi that abuses legitimate cloud-hosting services to fetch and run second-stage malware families.

    • Modiloader family

    • ModiLoader Second Stage

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR (the first sector of the disk) to gain persistence at a level below the operating system: code placed there runs before the OS and its security controls load. This is a behavioural signature for a raw write to the start of the physical disk, so the written sector should be dumped and compared with a known-good MBR to confirm what was changed.
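As an added check (not part of this report or of the sandbox's own tooling), the following Python script parses a 512-byte MBR taken from a disk image or raw device, validates the 0x55AA boot signature and partition table, and compares the bootstrap-code region against a baseline hash so a write like the one flagged above can be triaged. The two MBRs it runs on are constructed in the script for illustration; they are not sectors from this sample.

```python
"""Inspect a 512-byte Master Boot Record for signs of tampering (added example)."""
import hashlib
import struct
from dataclasses import dataclass
from typing import List, Optional

MBR_SIZE = 512
BOOT_CODE_SIZE = 446            # bootstrap code precedes the partition table
PARTITION_TABLE_OFFSET = 446
PARTITION_ENTRY_SIZE = 16
BOOT_SIGNATURE = b"\x55\xaa"    # last two bytes of a valid MBR


@dataclass
class PartitionEntry:
    index: int
    status: int        # 0x80 = active/bootable, 0x00 = inactive
    type_id: int       # e.g. 0x07 NTFS, 0xEE GPT protective
    lba_start: int
    sector_count: int

    @property
    def bootable(self) -> bool:
        return self.status == 0x80


def parse_partition_table(mbr: bytes) -> List[PartitionEntry]:
    """Decode the four 16-byte partition entries at offset 446."""
    entries = []
    for i in range(4):
        off = PARTITION_TABLE_OFFSET + i * PARTITION_ENTRY_SIZE
        status = mbr[off]
        type_id = mbr[off + 4]
        lba_start, sector_count = struct.unpack_from("<II", mbr, off + 8)
        entries.append(PartitionEntry(i, status, type_id, lba_start, sector_count))
    return entries


def inspect_mbr(mbr: bytes, baseline_bootcode_sha256: Optional[str] = None) -> dict:
    """Return the bootstrap-code hash, parsed partitions and a list of findings."""
    if len(mbr) != MBR_SIZE:
        raise ValueError(f"expected {MBR_SIZE} bytes, got {len(mbr)}")
    findings = []
    if mbr[510:512] != BOOT_SIGNATURE:
        findings.append("missing 0x55AA boot signature")
    bootcode_sha256 = hashlib.sha256(mbr[:BOOT_CODE_SIZE]).hexdigest()
    if baseline_bootcode_sha256 and bootcode_sha256 != baseline_bootcode_sha256:
        findings.append("bootstrap code differs from baseline")
    partitions = parse_partition_table(mbr)
    for p in partitions:
        if p.status not in (0x00, 0x80):
            findings.append(f"partition {p.index}: invalid status byte 0x{p.status:02x}")
    if sum(p.bootable for p in partitions) > 1:
        findings.append("more than one partition flagged bootable")
    return {"bootcode_sha256": bootcode_sha256, "partitions": partitions, "findings": findings}


def read_mbr(path: str) -> bytes:
    # Works on a raw disk image; on a live system pass the raw device
    # (e.g. /dev/sda, or \\.\PhysicalDrive0 on Windows, which needs admin rights).
    with open(path, "rb") as f:
        return f.read(MBR_SIZE)


def build_sample_mbr(bootcode: bytes) -> bytes:
    """Constructed sample MBR: one active NTFS partition starting at LBA 2048."""
    bootcode = bootcode.ljust(BOOT_CODE_SIZE, b"\x00")[:BOOT_CODE_SIZE]
    entry = bytes([0x80, 0, 0, 0, 0x07, 0, 0, 0]) + struct.pack("<II", 2048, 204800)
    table = entry + b"\x00" * (PARTITION_ENTRY_SIZE * 3)
    return bootcode + table + BOOT_SIGNATURE


# Constructed "known-good" bootstrap code and a tampered copy; neither comes from the sample.
CLEAN_MBR = build_sample_mbr(b"\xeb\x63\x90")
CLEAN_BOOTCODE_SHA256 = hashlib.sha256(CLEAN_MBR[:BOOT_CODE_SIZE]).hexdigest()
TAMPERED_MBR = build_sample_mbr(b"\x90" * 16 + b"\xe9\x00\x00")

if __name__ == "__main__":
    for name, mbr in (("clean", CLEAN_MBR), ("tampered", TAMPERED_MBR)):
        report = inspect_mbr(mbr, CLEAN_BOOTCODE_SHA256)
        print(name, report["findings"] or "no findings")
```

In practice the baseline hash comes from a clean machine of the same build (or from the pre-infection image), since the bootstrap code is otherwise identical across installs of the same OS; a mismatch on that 446-byte region, rather than on the partition table, is what distinguishes a bootkit write from a benign repartitioning.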

MITRE ATT&CK Enterprise v15

Tasks