modiloader | 0a9a5cc312d90dcb1063461aba93137c5af511985fe91aaf94f1ae7739584acf | Triage

Submit
Reports

Overview

overview

Static

static

8

0a9a5cc312...cf.exe

windows7-x64

0a9a5cc312...cf.exe

windows10-2004-x64

Sharing

General

Target

0a9a5cc312d90dcb1063461aba93137c5af511985fe91aaf94f1ae7739584acf
Size

108KB
Sample

221123-3kwv9acf69
MD5

522494b10f3f9de1b32f23aa2983670b
SHA1

87f145dab57339d2a825033c834038364bfbaa02
SHA256

0a9a5cc312d90dcb1063461aba93137c5af511985fe91aaf94f1ae7739584acf
SHA512

1b5a9eb5834eed1c69611bb5f3fd5326a154a68b9923cd97ab65f45bfe4e3a83f233e8f8634747870a39ce7999bfa3de8a2d3c1cf7aab40d0e270025fb36a254
SSDEEP

3072:91+MJKrUnFYY5z1i0Nmbi5fJBNeKI7Wqbout:LIrPj0NmWtN2pboS

Score

10^/10

modiloader evasion trojan upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

0a9a5cc312d90dcb1063461aba93137c5af511985fe91aaf94f1ae7739584acf.exe

Resource

win7-20221111-en

modiloader evasion trojan upx

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

0a9a5cc312d90dcb1063461aba93137c5af511985fe91aaf94f1ae7739584acf.exe

Resource

win10v2004-20221111-en

modiloader evasion trojan upx

windows10-2004-x64

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  0a9a5cc312d90dcb1063461aba93137c5af511985fe91aaf94f1ae7739584acf
- Size
  
  108KB
- MD5
  
  522494b10f3f9de1b32f23aa2983670b
- SHA1
  
  87f145dab57339d2a825033c834038364bfbaa02
- SHA256
  
  0a9a5cc312d90dcb1063461aba93137c5af511985fe91aaf94f1ae7739584acf
- SHA512
  
  1b5a9eb5834eed1c69611bb5f3fd5326a154a68b9923cd97ab65f45bfe4e3a83f233e8f8634747870a39ce7999bfa3de8a2d3c1cf7aab40d0e270025fb36a254
- SSDEEP
  
  3072:91+MJKrUnFYY5z1i0Nmbi5fJBNeKI7Wqbout:LIrPj0NmWtN2pboS
Score

10^/10

modiloader evasion trojan upx
- ModiLoader, DBatLoader
  ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
  trojan modiloader
- UAC bypass
  evasion trojan
- ModiLoader Second Stage
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Loads dropped DLL
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Bypass User Account Control

Defense Evasion

Bypass User Account Control

Disabling Security Tools

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

modiloaderevasiontrojanupx

behavioral2

modiloaderevasiontrojanupx

© 2018-2024

Terms | Privacy