modiloader | fe1765902ab8785a1d1eb2927e0af8fe7a203c9ef169f37f751194ff9500355a | Triage

Submit
Reports

Overview

overview

Static

static

fe1765902a...5a.exe

windows7-x64

fe1765902a...5a.exe

windows10-2004-x64

Sharing

General

Target

fe1765902ab8785a1d1eb2927e0af8fe7a203c9ef169f37f751194ff9500355a
Size

171KB
Sample

221126-rv3k1adg8y
MD5

7ff98c7438c0dcf75386485ce595c17d
SHA1

04fb487320e13da4c466fe428e450ed1d2a6675b
SHA256

fe1765902ab8785a1d1eb2927e0af8fe7a203c9ef169f37f751194ff9500355a
SHA512

673a865d31a7b2846941ba1292b75c5abf8b512f41188df2640c49ae94f63ee47393d4800c6aad5f2be2cc1c9f798ea774591749aaedee06f8539256ea02eeb5
SSDEEP

3072:ii9T90yI43jppwfec66XMhpoXv7J4wKWMIBOu5lpbn+wCq9lU07t0:ii9T9Z3XmecITq7DKfIBOAn+daUmt

Score

10^/10

modiloader persistence trojan

Static task

static1

Behavioral task

behavioral1

Sample

fe1765902ab8785a1d1eb2927e0af8fe7a203c9ef169f37f751194ff9500355a.exe

Resource

win7-20221111-en

modiloader persistence trojan

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

fe1765902ab8785a1d1eb2927e0af8fe7a203c9ef169f37f751194ff9500355a.exe

Resource

win10v2004-20220812-en

modiloader persistence trojan

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Targets

- Target
  
  fe1765902ab8785a1d1eb2927e0af8fe7a203c9ef169f37f751194ff9500355a
- Size
  
  171KB
- MD5
  
  7ff98c7438c0dcf75386485ce595c17d
- SHA1
  
  04fb487320e13da4c466fe428e450ed1d2a6675b
- SHA256
  
  fe1765902ab8785a1d1eb2927e0af8fe7a203c9ef169f37f751194ff9500355a
- SHA512
  
  673a865d31a7b2846941ba1292b75c5abf8b512f41188df2640c49ae94f63ee47393d4800c6aad5f2be2cc1c9f798ea774591749aaedee06f8539256ea02eeb5
- SSDEEP
  
  3072:ii9T90yI43jppwfec66XMhpoXv7J4wKWMIBOu5lpbn+wCq9lU07t0:ii9T9Z3XmecITq7DKfIBOAn+daUmt
Score

10^/10

modiloader persistence trojan
- ModiLoader, DBatLoader
  ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
  trojan modiloader
- Modifies WinLogon for persistence
  persistence
- ModiLoader Second Stage
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

modiloaderpersistencetrojan

behavioral2

modiloaderpersistencetrojan

© 2018-2024

Terms | Privacy