modiloader | 999585aea4c06c220812c2fd3a42426a528448f1ab1273de7d27593bcea5b365 | Triage

Submit
Reports

Overview

overview

Static

static

8

999585aea4...65.exe

windows7-x64

999585aea4...65.exe

windows10-2004-x64

Sharing

General

Target

999585aea4c06c220812c2fd3a42426a528448f1ab1273de7d27593bcea5b365
Size

114KB
Sample

221201-k7b59add84
MD5

b0f87b7b823be4cf0f00d87cfaa45e9c
SHA1

499d5b6beab4871b2b21a2d3b2a88e89eb42fb41
SHA256

999585aea4c06c220812c2fd3a42426a528448f1ab1273de7d27593bcea5b365
SHA512

d63c3f6ac3498b736c27df2cbad3dcb8d5607029e3177cd87037a23fbfff613c09c3a1ad3ef60a31c892a9279d62457e27e026b832d75cca97935e4d6966a0fd
SSDEEP

1536:zVuNAXTj4Fj/91/NnLZqeWEPVpa8DzePjkgcwYS7S5+Vfk09H9Tkr8y+Oenouy8:xoy8j7VnNdrPHaSekwi+mWH+kout

Score

10^/10

modiloader evasion trojan upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

999585aea4c06c220812c2fd3a42426a528448f1ab1273de7d27593bcea5b365.exe

Resource

win7-20221111-en

modiloader evasion trojan upx

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

999585aea4c06c220812c2fd3a42426a528448f1ab1273de7d27593bcea5b365.exe

Resource

win10v2004-20220812-en

modiloader evasion trojan upx

windows10-2004-x64

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  999585aea4c06c220812c2fd3a42426a528448f1ab1273de7d27593bcea5b365
- Size
  
  114KB
- MD5
  
  b0f87b7b823be4cf0f00d87cfaa45e9c
- SHA1
  
  499d5b6beab4871b2b21a2d3b2a88e89eb42fb41
- SHA256
  
  999585aea4c06c220812c2fd3a42426a528448f1ab1273de7d27593bcea5b365
- SHA512
  
  d63c3f6ac3498b736c27df2cbad3dcb8d5607029e3177cd87037a23fbfff613c09c3a1ad3ef60a31c892a9279d62457e27e026b832d75cca97935e4d6966a0fd
- SSDEEP
  
  1536:zVuNAXTj4Fj/91/NnLZqeWEPVpa8DzePjkgcwYS7S5+Vfk09H9Tkr8y+Oenouy8:xoy8j7VnNdrPHaSekwi+mWH+kout
Score

10^/10

modiloader evasion trojan upx
- ModiLoader, DBatLoader
  ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
  trojan modiloader
- UAC bypass
  evasion trojan
- ModiLoader Second Stage
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Loads dropped DLL
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Bypass User Account Control

Defense Evasion

Bypass User Account Control

Disabling Security Tools

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

modiloaderevasiontrojanupx

behavioral2

modiloaderevasiontrojanupx

© 2018-2024

Terms | Privacy