modiloader | 5573f50bf399a289981af095f020610e04ede3126835312bf7dc4de27f6bb602

General

Target

PI ITS15235.doc
Size

51KB
Sample

250106-hnfcfszjbw
MD5

1be2a4992097f506fd7ddb85625c2f1e
SHA1

f197c2aa2c4c1dd1059d04309b22359d46fec69b
SHA256

5573f50bf399a289981af095f020610e04ede3126835312bf7dc4de27f6bb602
SHA512

02772db9177dbd1152740078b276b33d3ef79943d6057725da800b7f16af4cda8deb666a42013e8569a36ec4a57739056e496b14c9bb229e01c154c7ea19f5ea
SSDEEP

384:Gp0xfMDVBv2xv8R8dFMjNCC4iKncEOqO6tJiSsqdg1vA9tz1/tfxP0jGaHfZtyga:GkUDrMOgPyU+1o9tlt1ha//vOFl

Score

10^/10

Malware Config

Targets

- Target
  
  PI ITS15235.doc
- Size
  
  51KB
- MD5
  
  1be2a4992097f506fd7ddb85625c2f1e
- SHA1
  
  f197c2aa2c4c1dd1059d04309b22359d46fec69b
- SHA256
  
  5573f50bf399a289981af095f020610e04ede3126835312bf7dc4de27f6bb602
- SHA512
  
  02772db9177dbd1152740078b276b33d3ef79943d6057725da800b7f16af4cda8deb666a42013e8569a36ec4a57739056e496b14c9bb229e01c154c7ea19f5ea
- SSDEEP
  
  384:Gp0xfMDVBv2xv8R8dFMjNCC4iKncEOqO6tJiSsqdg1vA9tz1/tfxP0jGaHfZtyga:GkUDrMOgPyU+1o9tlt1ha//vOFl
Score

10^/10

modiloader discovery trojan
- ModiLoader, DBatLoader
  ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
  trojan modiloader
- Modiloader family
  modiloader
- ModiLoader Second Stage
- Downloads MZ/PE file
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

2

T1012

System Information Discovery

2

T1082

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

ModiLoader, DBatLoader

Modiloader family

ModiLoader Second Stage

Downloads MZ/PE file

Executes dropped EXE

Loads dropped DLL

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2