modiloader | 6929b230804a7b3fbcf531920778b1db34c166d918f6423fbce1386f3328d335 | Triage

Submit
Reports

Overview

overview

Static

static

5

6929b23080...35.exe

windows7-x64

6929b23080...35.exe

windows10-2004-x64

6

Sharing

General

Target

6929b230804a7b3fbcf531920778b1db34c166d918f6423fbce1386f3328d335
Size

880KB
Sample

221127-jqq3eaee6y
MD5

62e5a16693366cfdb1c53063056ea7d4
SHA1

1824d9c5b52fb8ed57ea81af31101dd6ef59d504
SHA256

6929b230804a7b3fbcf531920778b1db34c166d918f6423fbce1386f3328d335
SHA512

05023ad05d27c6dd075252ead3a5f515b9bfc84af32c67d1fefa58738deaeeb96bb8d9f46ed3784467a372764a9e9a39d4dec1eca312209ef592699f198c82cd
SSDEEP

12288:Rtb20Qc3lT7af41ePBRYuQLKpqeUhbTv5OFgNuPPpHSgaRTwXmm6A:Rtb20pkaCqT5TBWgNQ7alamm6A

Score

10^/10

modiloader persistence trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

6929b230804a7b3fbcf531920778b1db34c166d918f6423fbce1386f3328d335.exe

Resource

win7-20220901-en

modiloader persistence trojan

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

6929b230804a7b3fbcf531920778b1db34c166d918f6423fbce1386f3328d335.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Targets

- Target
  
  6929b230804a7b3fbcf531920778b1db34c166d918f6423fbce1386f3328d335
- Size
  
  880KB
- MD5
  
  62e5a16693366cfdb1c53063056ea7d4
- SHA1
  
  1824d9c5b52fb8ed57ea81af31101dd6ef59d504
- SHA256
  
  6929b230804a7b3fbcf531920778b1db34c166d918f6423fbce1386f3328d335
- SHA512
  
  05023ad05d27c6dd075252ead3a5f515b9bfc84af32c67d1fefa58738deaeeb96bb8d9f46ed3784467a372764a9e9a39d4dec1eca312209ef592699f198c82cd
- SSDEEP
  
  12288:Rtb20Qc3lT7af41ePBRYuQLKpqeUhbTv5OFgNuPPpHSgaRTwXmm6A:Rtb20pkaCqT5TBWgNQ7alamm6A
Score

10^/10

modiloader persistence trojan
- ModiLoader, DBatLoader
  ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
  trojan modiloader
- ModiLoader Second Stage
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

modiloaderpersistencetrojan

behavioral2

© 2018-2024

Terms | Privacy