modiloader | e8a98c36f7e15ab097a7c0547af5fc15b2e442b04ae1df4de73417b0a777f075 | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10_x64

Sharing

General

Target

e8a98c36f7e15ab097a7c0547af5fc15b2e442b04ae1df4de73417b0a777f075
Size

3.8MB
Sample

211230-l2x17secgl
MD5

21acfd54dfe240a07e74001bba8d181b
SHA1

21b32dc61e9b0a24035e084ac24ec6a02a21705a
SHA256

e8a98c36f7e15ab097a7c0547af5fc15b2e442b04ae1df4de73417b0a777f075
SHA512

a3820dff63dbade6a82582a90b0452ec8931ca727a59211abad82a96988e79f3250507951f4f5a3f240aa1c4b0f508876e28273aa8982c38efac85c07930405a

Score

10^/10

modiloader evasion persistence trojan

Static task

static1

Behavioral task

behavioral1

Sample

e8a98c36f7e15ab097a7c0547af5fc15b2e442b04ae1df4de73417b0a777f075.exe

Resource

win10-en-20211208

modiloader evasion persistence trojan

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  e8a98c36f7e15ab097a7c0547af5fc15b2e442b04ae1df4de73417b0a777f075
- Size
  
  3.8MB
- MD5
  
  21acfd54dfe240a07e74001bba8d181b
- SHA1
  
  21b32dc61e9b0a24035e084ac24ec6a02a21705a
- SHA256
  
  e8a98c36f7e15ab097a7c0547af5fc15b2e442b04ae1df4de73417b0a777f075
- SHA512
  
  a3820dff63dbade6a82582a90b0452ec8931ca727a59211abad82a96988e79f3250507951f4f5a3f240aa1c4b0f508876e28273aa8982c38efac85c07930405a
Score

10^/10

modiloader evasion persistence trojan
- ModiLoader, DBatLoader
  ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
  trojan modiloader
- UAC bypass
  evasion trojan
- Windows security bypass
  evasion trojan
- ModiLoader First Stage
- Nirsoft
- Executes dropped EXE
- Windows security modification
  evasion trojan
- Adds Run key to start application
  persistence
- Checks whether UAC is enabled
  evasion trojan
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Bypass User Account Control

Defense Evasion

Bypass User Account Control

Disabling Security Tools

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

modiloaderevasionpersistencetrojan

© 2018-2024

Terms | Privacy