modiloader | bc777075c2d7b0e64a6430476f77cd8a63618b9b79e19394183fa35b23afa640 | Triage

Submit
Reports

Overview

overview

Static

static

bc777075c2...40.exe

windows7-x64

bc777075c2...40.exe

windows10-2004-x64

Sharing

General

Target

bc777075c2d7b0e64a6430476f77cd8a63618b9b79e19394183fa35b23afa640
Size

545KB
Sample

230130-ep14rsge83
MD5

ddc87cbd34c19161ea3d3b55b1888107
SHA1

96856473b6be57b05bdafc7bc33b69d7418b78a6
SHA256

bc777075c2d7b0e64a6430476f77cd8a63618b9b79e19394183fa35b23afa640
SHA512

368912d8c614dd5f113c9a6f1a81066e29d2af51851c0fe4f7dae7131760f2e4b9b83bce7afaa890da444681853fe21744fe6815c254d19f3c8430edf1b9465b
SSDEEP

12288:nvuWauKWUBCv4oJ7/4ZCL2fJpgbaISXV8BiLjVjJINtTirdF:nvSu9UG3twI0pIaMWrwTEd

Score

10^/10

modiloader bootkit persistence trojan

Static task

static1

Behavioral task

behavioral1

Sample

bc777075c2d7b0e64a6430476f77cd8a63618b9b79e19394183fa35b23afa640.exe

Resource

win7-20220812-en

modiloader bootkit persistence trojan

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

bc777075c2d7b0e64a6430476f77cd8a63618b9b79e19394183fa35b23afa640.exe

Resource

win10v2004-20220812-en

modiloader trojan

windows10-2004-x64

5 signatures

150 seconds

Malware Config

Targets

- Target
  
  bc777075c2d7b0e64a6430476f77cd8a63618b9b79e19394183fa35b23afa640
- Size
  
  545KB
- MD5
  
  ddc87cbd34c19161ea3d3b55b1888107
- SHA1
  
  96856473b6be57b05bdafc7bc33b69d7418b78a6
- SHA256
  
  bc777075c2d7b0e64a6430476f77cd8a63618b9b79e19394183fa35b23afa640
- SHA512
  
  368912d8c614dd5f113c9a6f1a81066e29d2af51851c0fe4f7dae7131760f2e4b9b83bce7afaa890da444681853fe21744fe6815c254d19f3c8430edf1b9465b
- SSDEEP
  
  12288:nvuWauKWUBCv4oJ7/4ZCL2fJpgbaISXV8BiLjVjJINtTirdF:nvSu9UG3twI0pIaMWrwTEd
Score

10^/10

modiloader bootkit persistence trojan
- ModiLoader, DBatLoader
  ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
  trojan modiloader
- ModiLoader Second Stage
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Bootkit

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

modiloaderbootkitpersistencetrojan

behavioral2

modiloadertrojan

© 2018-2024

Terms | Privacy