modiloader | d77810ca01a1bdc3b8a85a7d1d65e5b6fd61610e3a6f7ed131b1f20e6a6e4d50 | Triage

Submit
Reports

Overview

overview

Static

static

d77810ca01...50.exe

windows7-x64

d77810ca01...50.exe

windows10-2004-x64

3

Sharing

General

Target

d77810ca01a1bdc3b8a85a7d1d65e5b6fd61610e3a6f7ed131b1f20e6a6e4d50
Size

148KB
Sample

221203-pg7axsdc2s
MD5

20ec9cfd877c543211f6e6efd45768e0
SHA1

5e46c3ab143315382fe77fe4648cb098254cd37e
SHA256

d77810ca01a1bdc3b8a85a7d1d65e5b6fd61610e3a6f7ed131b1f20e6a6e4d50
SHA512

a8ef8fa37115562e8f273275de5532a86007da32f64997e800eacdf8fd4b7447ddb3f0a58e11df18346209916d85e8ac448120db179eb71899fff15c18e3d0d4
SSDEEP

3072:DHro5oAoSAvLihg/Eed/b9aAJygxpU2en5HCldqddd+ddddt:rrY2jiy//dZBVxpU2INC

Score

10^/10

modiloader trojan

Static task

static1

Behavioral task

behavioral1

Sample

d77810ca01a1bdc3b8a85a7d1d65e5b6fd61610e3a6f7ed131b1f20e6a6e4d50.exe

Resource

win7-20221111-en

modiloader trojan

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

d77810ca01a1bdc3b8a85a7d1d65e5b6fd61610e3a6f7ed131b1f20e6a6e4d50.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

2 signatures

150 seconds

Malware Config

Targets

- Target
  
  d77810ca01a1bdc3b8a85a7d1d65e5b6fd61610e3a6f7ed131b1f20e6a6e4d50
- Size
  
  148KB
- MD5
  
  20ec9cfd877c543211f6e6efd45768e0
- SHA1
  
  5e46c3ab143315382fe77fe4648cb098254cd37e
- SHA256
  
  d77810ca01a1bdc3b8a85a7d1d65e5b6fd61610e3a6f7ed131b1f20e6a6e4d50
- SHA512
  
  a8ef8fa37115562e8f273275de5532a86007da32f64997e800eacdf8fd4b7447ddb3f0a58e11df18346209916d85e8ac448120db179eb71899fff15c18e3d0d4
- SSDEEP
  
  3072:DHro5oAoSAvLihg/Eed/b9aAJygxpU2en5HCldqddd+ddddt:rrY2jiy//dZBVxpU2INC
Score

10^/10

modiloader trojan
- ModiLoader, DBatLoader
  ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
  trojan modiloader
- ModiLoader Second Stage
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

modiloadertrojan

behavioral2

© 2018-2024

Terms | Privacy