modiloader | 59f67b22734a0d7d1b5e449accb320cb286ab31c81f115fda9c0f4fd64e3b8cd | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

8

59f67b2273...cd.exe

windows7-x64

59f67b2273...cd.exe

windows10-2004-x64

Sharing

General

Target

59f67b22734a0d7d1b5e449accb320cb286ab31c81f115fda9c0f4fd64e3b8cd
Size

118KB
Sample

221129-qsewgsdc28
MD5

3b1cd570a2d5c79b045845c1a92d760f
SHA1

7798f2417524bc92fc45b14b83352218a7d196e2
SHA256

59f67b22734a0d7d1b5e449accb320cb286ab31c81f115fda9c0f4fd64e3b8cd
SHA512

7247669eb26f0d88f9dec7dab3e9ea8a4fb2fe1b8f17337ecd4d3df4d8854123997f67ea22bd1f0f5be33ac72f1cb2daa1f2427b0f9b19c46b68b1a5061a31c2
SSDEEP

3072:veovXPoYcswp7Uclw3BwQaq9NUS002exHout8/:GovQYjwpU8OB3aq7x09exoS8

Score

10^/10

modiloader evasion trojan upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

59f67b22734a0d7d1b5e449accb320cb286ab31c81f115fda9c0f4fd64e3b8cd.exe

Resource

win7-20220812-en

modiloader evasion trojan upx

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

59f67b22734a0d7d1b5e449accb320cb286ab31c81f115fda9c0f4fd64e3b8cd.exe

Resource

win10v2004-20221111-en

modiloader evasion trojan upx

windows10-2004-x64

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  59f67b22734a0d7d1b5e449accb320cb286ab31c81f115fda9c0f4fd64e3b8cd
- Size
  
  118KB
- MD5
  
  3b1cd570a2d5c79b045845c1a92d760f
- SHA1
  
  7798f2417524bc92fc45b14b83352218a7d196e2
- SHA256
  
  59f67b22734a0d7d1b5e449accb320cb286ab31c81f115fda9c0f4fd64e3b8cd
- SHA512
  
  7247669eb26f0d88f9dec7dab3e9ea8a4fb2fe1b8f17337ecd4d3df4d8854123997f67ea22bd1f0f5be33ac72f1cb2daa1f2427b0f9b19c46b68b1a5061a31c2
- SSDEEP
  
  3072:veovXPoYcswp7Uclw3BwQaq9NUS002exHout8/:GovQYjwpU8OB3aq7x09exoS8
Score

10^/10

modiloader evasion trojan upx
- ModiLoader, DBatLoader
  ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
  trojan modiloader
- UAC bypass
  evasion trojan
- ModiLoader Second Stage
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Loads dropped DLL
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Bypass User Account Control

Defense Evasion

Bypass User Account Control

Disabling Security Tools

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

modiloaderevasiontrojanupx

behavioral2

modiloaderevasiontrojanupx

© 2018-2025

Terms | Privacy