modiloader | 061eb9426e8e4f02b6ac23875d7e3c461dffb4f72d8869c7ab16e386d4677c41 | Triage

Submit
Reports

Overview

overview

Static

static

Default

windows10_x64

Sharing

General

Target

PO#4500139207.xz
Size

527KB
Sample

201207-kxgv8l8h4j
MD5

e5dec8ee8bbb51814ec4431f207a7b07
SHA1

02cb3ac0aa6eea11858ba71d488efa57d50a25a6
SHA256

061eb9426e8e4f02b6ac23875d7e3c461dffb4f72d8869c7ab16e386d4677c41
SHA512

385067f55a5d0c70931415ff255a8ff2e31c19a59f51708fe4c34437c88e7be817bc7b4e70ef7a1af29891a00fe30d03529d54d4bcce747af1aad4032eb767d2

Score

10^/10

modiloader netwire botnet persistence stealer trojan

Static task

static1

Behavioral task

behavioral1

Sample

PO#4500139207.xz.exe

Resource

win10v20201028

modiloader netwire botnet persistence stealer trojan

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  PO#4500139207.xz
- Size
  
  527KB
- MD5
  
  e5dec8ee8bbb51814ec4431f207a7b07
- SHA1
  
  02cb3ac0aa6eea11858ba71d488efa57d50a25a6
- SHA256
  
  061eb9426e8e4f02b6ac23875d7e3c461dffb4f72d8869c7ab16e386d4677c41
- SHA512
  
  385067f55a5d0c70931415ff255a8ff2e31c19a59f51708fe4c34437c88e7be817bc7b4e70ef7a1af29891a00fe30d03529d54d4bcce747af1aad4032eb767d2
Score

10^/10

modiloader netwire botnet persistence stealer trojan
- ModiLoader, DBatLoader
  ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
  trojan modiloader
- Netwire
  Netwire is a RAT with main functionalities focused password stealing and keylogging, but also includes remote control capabilities as well.
  botnet stealer netwire
- ServiceHost packer
  Detects ServiceHost packer used for .NET malware
- Executes dropped EXE
- Adds Run key to start application
  persistence
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Install Root Certificate

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

modiloadernetwirebotnetpersistencestealertrojan

© 2018-2024

Terms | Privacy