modiloader | 5303eb9a220cb71e97d9ee32d73e8b4ad01d81e55128056862ba7d0924c400ac | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

5303eb9a22...ac.exe

windows7-x64

8

5303eb9a22...ac.exe

windows10-2004-x64

8

Sharing

General

Target

5303eb9a220cb71e97d9ee32d73e8b4ad01d81e55128056862ba7d0924c400ac
Size

193KB
Sample

221201-lc1e2aea58
MD5

f8e64b6d0eee0b6806984c6452368e97
SHA1

026c28e7cd3fc181520517a40841d0d59926bbcc
SHA256

5303eb9a220cb71e97d9ee32d73e8b4ad01d81e55128056862ba7d0924c400ac
SHA512

b60eadfda105343ca9cfa8f424328a06c54257492d6ee74896d923607ba07012e0c9f81a09bfcd6e227fdbb555b111df086d339fc643b3b8ca027d23de48b335
SSDEEP

6144:ULHAjWhKHQjFOlTFYlMCARRTqfbOSL5IXKZV0I:ULHAjWhKHQjFOlTFYlMCARRTqfbOSL5F

Score

10^/10

modiloader

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

5303eb9a220cb71e97d9ee32d73e8b4ad01d81e55128056862ba7d0924c400ac.exe

Resource

win7-20220812-en

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

5303eb9a220cb71e97d9ee32d73e8b4ad01d81e55128056862ba7d0924c400ac.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Targets

- Target
  
  5303eb9a220cb71e97d9ee32d73e8b4ad01d81e55128056862ba7d0924c400ac
- Size
  
  193KB
- MD5
  
  f8e64b6d0eee0b6806984c6452368e97
- SHA1
  
  026c28e7cd3fc181520517a40841d0d59926bbcc
- SHA256
  
  5303eb9a220cb71e97d9ee32d73e8b4ad01d81e55128056862ba7d0924c400ac
- SHA512
  
  b60eadfda105343ca9cfa8f424328a06c54257492d6ee74896d923607ba07012e0c9f81a09bfcd6e227fdbb555b111df086d339fc643b3b8ca027d23de48b335
- SSDEEP
  
  6144:ULHAjWhKHQjFOlTFYlMCARRTqfbOSL5IXKZV0I:ULHAjWhKHQjFOlTFYlMCARRTqfbOSL5F
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy