modiloader | 804ec4bbfb8db19d04fdcc27857e14b368f83ed892cebbbbff9d92bb843fe476 | Triage

Submit
Reports

Overview

overview

Static

static

offer order.exe

windows7_x64

offer order.exe

windows10-2004_x64

Sharing

General

Target

804ec4bbfb8db19d04fdcc27857e14b368f83ed892cebbbbff9d92bb843fe476
Size

1.2MB
Sample

220521-xepl4aehcn
MD5

5cae9e7a03d9e55f2cb1632da48700b0
SHA1

854939b433083d3852f9eb683cb376f2f5085dbd
SHA256

804ec4bbfb8db19d04fdcc27857e14b368f83ed892cebbbbff9d92bb843fe476
SHA512

b2c2a3e6da06bf33aab5ee59662d820f78235f8216cade0878c6e21bfb6927edfdd8cb509cd8f04decbd3eb95020d36fa9f9803ff3c2aea4db53dfc49f025452

Score

10^/10

modiloader trojan

Static task

static1

Behavioral task

behavioral1

Sample

offer order.exe

Resource

win7-20220414-en

modiloader trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

offer order.exe

Resource

win10v2004-20220414-en

modiloader trojan

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  offer order.exe
- Size
  
  1.7MB
- MD5
  
  10419c97cde1aa8bad4e33279a15f7f8
- SHA1
  
  b2942c499632593cface5c1fd18c12105656bf75
- SHA256
  
  aa840ddac1cbded575db7d3ee2d1e3102fd1c35d0a709f42209543f9913e438f
- SHA512
  
  c77bc2ead1869aced4a8e2955317c5cf99bbb68e35d54ec4d8794a6794bf3dda3b24764c8ce21bddf9ff09372565f08e3191a2c46fcbbfaaf649fa5f47bab0bc
Score

10^/10

modiloader trojan
- ModiLoader, DBatLoader
  ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
  trojan modiloader
- ModiLoader First Stage
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Web Service

Impact

Tasks

static1

behavioral1

modiloadertrojan

behavioral2

modiloadertrojan

© 2018-2024

Terms | Privacy