modiloader | ba622a518b7dcbfa1f9bd1aa2026eea584d5fec13dc5091be8d409028f7e0952 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

ba622a518b...52.exe

windows7-x64

ba622a518b...52.exe

windows10-2004-x64

Sharing

General

Target

ba622a518b7dcbfa1f9bd1aa2026eea584d5fec13dc5091be8d409028f7e0952
Size

279KB
Sample

221203-wznpvsdf94
MD5

cf2c7e0747c70b8f273d7fb93beda952
SHA1

72d38ab7e7ba4fc8e43444a370a571843aea3a13
SHA256

ba622a518b7dcbfa1f9bd1aa2026eea584d5fec13dc5091be8d409028f7e0952
SHA512

7031a8025dc76fcb6cccec013f9c92128c558c15d0861693a28677ba761612e25537ce1992a80b5caa3b7661a7a07edb235d2f8827aeb83d89128c731643cf41
SSDEEP

6144:dwRfjZtcx5/F6vcvpMq6FHhGGA/wyCXFdhA4X0K8/YYzL8P:u8b+q6usFjA4I/YYzL8P

Score

10^/10

modiloader trojan

Static task

static1

Behavioral task

behavioral1

Sample

ba622a518b7dcbfa1f9bd1aa2026eea584d5fec13dc5091be8d409028f7e0952.exe

Resource

win7-20221111-en

modiloader trojan

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

ba622a518b7dcbfa1f9bd1aa2026eea584d5fec13dc5091be8d409028f7e0952.exe

Resource

win10v2004-20221111-en

modiloader trojan

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Targets

- Target
  
  ba622a518b7dcbfa1f9bd1aa2026eea584d5fec13dc5091be8d409028f7e0952
- Size
  
  279KB
- MD5
  
  cf2c7e0747c70b8f273d7fb93beda952
- SHA1
  
  72d38ab7e7ba4fc8e43444a370a571843aea3a13
- SHA256
  
  ba622a518b7dcbfa1f9bd1aa2026eea584d5fec13dc5091be8d409028f7e0952
- SHA512
  
  7031a8025dc76fcb6cccec013f9c92128c558c15d0861693a28677ba761612e25537ce1992a80b5caa3b7661a7a07edb235d2f8827aeb83d89128c731643cf41
- SSDEEP
  
  6144:dwRfjZtcx5/F6vcvpMq6FHhGGA/wyCXFdhA4X0K8/YYzL8P:u8b+q6usFjA4I/YYzL8P
Score

10^/10

modiloader trojan
- ModiLoader, DBatLoader
  ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
  trojan modiloader
- ModiLoader Second Stage
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Drops file in System32 directory
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

modiloadertrojan

behavioral2

modiloadertrojan

© 2018-2025

Terms | Privacy