modiloader | efc010b18cf26c400372502d0664fdf9f067decbdefe284fd62bde3491c574e0 | Triage

Submit
Reports

Overview

overview

Static

static

7

efc010b18c...e0.exe

windows7_x64

efc010b18c...e0.exe

windows10-2004_x64

1

Sharing

General

Target

efc010b18cf26c400372502d0664fdf9f067decbdefe284fd62bde3491c574e0
Size

1.3MB
Sample

220625-esjc5afhd9
MD5

3a607f12626540f50e70211dbfbfa247
SHA1

d62e187f2a8c6ecbc54c3897d6e855492872893d
SHA256

efc010b18cf26c400372502d0664fdf9f067decbdefe284fd62bde3491c574e0
SHA512

df294e73f7c695ce0566803d65ad8389f79cba7f2cf56adc348e5bd5922c162efd9b4f51924644a3ce7169cb7a9d4fbb35edae20056b612d4a707444c64c328a

Score

10^/10

modiloader evasion persistence themida trojan

Static task

static1

Behavioral task

behavioral1

Sample

efc010b18cf26c400372502d0664fdf9f067decbdefe284fd62bde3491c574e0.exe

Resource

win7-20220414-en

modiloader evasion persistence themida trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

efc010b18cf26c400372502d0664fdf9f067decbdefe284fd62bde3491c574e0.exe

Resource

win10v2004-20220414-en

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  efc010b18cf26c400372502d0664fdf9f067decbdefe284fd62bde3491c574e0
- Size
  
  1.3MB
- MD5
  
  3a607f12626540f50e70211dbfbfa247
- SHA1
  
  d62e187f2a8c6ecbc54c3897d6e855492872893d
- SHA256
  
  efc010b18cf26c400372502d0664fdf9f067decbdefe284fd62bde3491c574e0
- SHA512
  
  df294e73f7c695ce0566803d65ad8389f79cba7f2cf56adc348e5bd5922c162efd9b4f51924644a3ce7169cb7a9d4fbb35edae20056b612d4a707444c64c328a
Score

10^/10

modiloader evasion persistence themida trojan
- ModiLoader, DBatLoader
  ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
  trojan modiloader
- UAC bypass
  evasion trojan
- ModiLoader Second Stage
- Executes dropped EXE
- Themida packer
  Detects Themida, an advanced Windows software protection system.
  themida
- Adds Run key to start application
  persistence
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Bypass User Account Control

Defense Evasion

Bypass User Account Control

Disabling Security Tools

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

modiloaderevasionpersistencethemidatrojan

behavioral2

© 2018-2024

Terms | Privacy