modiloader | ad31048d42c4b63281d73f41d6befd5d782dec5f22ba0bbe649a1e1986694244 | Triage

Submit
Reports

Overview

overview

Static

static

ad31048d42...44.exe

windows7-x64

ad31048d42...44.exe

windows10-2004-x64

Sharing

General

Target

ad31048d42c4b63281d73f41d6befd5d782dec5f22ba0bbe649a1e1986694244
Size

2.6MB
Sample

221201-pkd4jsbb5t
MD5

3b7642e3ef34792b3b3fc9ad645cb859
SHA1

bf7071e79b4f88dc64c3c009463138cfd9e08efa
SHA256

ad31048d42c4b63281d73f41d6befd5d782dec5f22ba0bbe649a1e1986694244
SHA512

c070a482f5e52dfb0c3023cbde80ed13a818fc73b886abddeace65027c287843b649961388615c79fdb3078c36e69d882e66f5cdc04a155136106584508ffdee
SSDEEP

49152:fH67ac//////RTZsIFKISs0kI6hvBBirm0zPo2yx9si8D+hRaJC50u3NFwp:fH67ac//////3Ys0ohBl0jIsTDWRx5tg

Score

10^/10

modiloader trojan

Static task

static1

Behavioral task

behavioral1

Sample

ad31048d42c4b63281d73f41d6befd5d782dec5f22ba0bbe649a1e1986694244.exe

Resource

win7-20220812-en

modiloader trojan

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

ad31048d42c4b63281d73f41d6befd5d782dec5f22ba0bbe649a1e1986694244.exe

Resource

win10v2004-20220812-en

modiloader trojan

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Targets

- Target
  
  ad31048d42c4b63281d73f41d6befd5d782dec5f22ba0bbe649a1e1986694244
- Size
  
  2.6MB
- MD5
  
  3b7642e3ef34792b3b3fc9ad645cb859
- SHA1
  
  bf7071e79b4f88dc64c3c009463138cfd9e08efa
- SHA256
  
  ad31048d42c4b63281d73f41d6befd5d782dec5f22ba0bbe649a1e1986694244
- SHA512
  
  c070a482f5e52dfb0c3023cbde80ed13a818fc73b886abddeace65027c287843b649961388615c79fdb3078c36e69d882e66f5cdc04a155136106584508ffdee
- SSDEEP
  
  49152:fH67ac//////RTZsIFKISs0kI6hvBBirm0zPo2yx9si8D+hRaJC50u3NFwp:fH67ac//////3Ys0ohBl0jIsTDWRx5tg
Score

10^/10

modiloader trojan
- ModiLoader, DBatLoader
  ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
  trojan modiloader
- ModiLoader Second Stage
- Executes dropped EXE
- Loads dropped DLL
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

modiloadertrojan

behavioral2

modiloadertrojan

© 2018-2024

Terms | Privacy