modiloader | 1729f798fe2756586ca03648cf16dd7309314e4749303edc602ab1aaa12e8e33 | Triage

Submit
Reports

Overview

overview

Static

static

8

1729f798fe...33.exe

windows7-x64

1729f798fe...33.exe

windows10-2004-x64

Sharing

General

Target

1729f798fe2756586ca03648cf16dd7309314e4749303edc602ab1aaa12e8e33
Size

112KB
Sample

221126-ccswhsge7v
MD5

a27481c7aa6a4a71756015e84adda4ae
SHA1

80981525ce768485ae7f616b6872a150f399a9cb
SHA256

1729f798fe2756586ca03648cf16dd7309314e4749303edc602ab1aaa12e8e33
SHA512

0d418eb13a07e97fc628375a033574310548739525f6153a8955641da5bdf94f9d5dd1c672578a4afe84cbe27e7c7e7311494be34257d3d40d5a530749fb84fe
SSDEEP

3072:l1+MJKrUnFYY5z1i0Nmbi5fJBNILKAout:zIrPj0NmWtNILKAoS

Score

10^/10

modiloader evasion trojan upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

1729f798fe2756586ca03648cf16dd7309314e4749303edc602ab1aaa12e8e33.exe

Resource

win7-20220812-en

modiloader evasion trojan upx

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

1729f798fe2756586ca03648cf16dd7309314e4749303edc602ab1aaa12e8e33.exe

Resource

win10v2004-20220812-en

modiloader evasion trojan upx

windows10-2004-x64

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  1729f798fe2756586ca03648cf16dd7309314e4749303edc602ab1aaa12e8e33
- Size
  
  112KB
- MD5
  
  a27481c7aa6a4a71756015e84adda4ae
- SHA1
  
  80981525ce768485ae7f616b6872a150f399a9cb
- SHA256
  
  1729f798fe2756586ca03648cf16dd7309314e4749303edc602ab1aaa12e8e33
- SHA512
  
  0d418eb13a07e97fc628375a033574310548739525f6153a8955641da5bdf94f9d5dd1c672578a4afe84cbe27e7c7e7311494be34257d3d40d5a530749fb84fe
- SSDEEP
  
  3072:l1+MJKrUnFYY5z1i0Nmbi5fJBNILKAout:zIrPj0NmWtNILKAoS
Score

10^/10

modiloader evasion trojan upx
- ModiLoader, DBatLoader
  ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
  trojan modiloader
- UAC bypass
  evasion trojan
- ModiLoader Second Stage
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Loads dropped DLL
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Bypass User Account Control

Defense Evasion

Bypass User Account Control

Disabling Security Tools

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

modiloaderevasiontrojanupx

behavioral2

modiloaderevasiontrojanupx

© 2018-2024

Terms | Privacy