modiloader | 07e3054ea7b32bc1b3dc65e7805364fdbfa2a4bb4438c6b531bb8a39a4e929ad | Triage

Submit
Reports

Overview

overview

Static

static

1

0625413424416272.exe

windows7-x64

0625413424416272.exe

windows10-2004-x64

Sharing

General

Target

0625413424416272_1.zip
Size

398KB
Sample

230327-qext5sff4s
MD5

9f877247d908c1b925bde681ba3e23bb
SHA1

84fa6b3e11d7766bc5f0d887e2614104e3744fa0
SHA256

07e3054ea7b32bc1b3dc65e7805364fdbfa2a4bb4438c6b531bb8a39a4e929ad
SHA512

f2818df90baf976ee3aab70583aa5ddc8d6fd938adb9bd688c2a7f429bb94b1b4a2ab37e658b32df554cad060804d5f5afc0436e68b20040fcda2b90bd1f660d
SSDEEP

12288:M7j+Gl8CHn8BmPkqrZGwjggaSJFPks1aR:c8yn8Bmsq8WhER

Score

10^/10

modiloader persistence trojan

Static task

static1

Behavioral task

behavioral1

Sample

0625413424416272.exe

Resource

win7-20230220-en

modiloader trojan

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral2

Sample

0625413424416272.exe

Resource

win10v2004-20230220-en

modiloader persistence trojan

windows10-2004-x64

11 signatures

150 seconds

Malware Config

Targets

- Target
  
  0625413424416272.exe
- Size
  
  821KB
- MD5
  
  5fc4c73e287297316316d56ec340bb98
- SHA1
  
  306fd44b6d688e9f84d87e533605121bdf64eb9c
- SHA256
  
  33ba34d8685f48fc23e074cf802716cce5f1b27a656a0996bdf88232c42a36d7
- SHA512
  
  76b21a33991414c057d1d6eafa5f8b2327c7b6e1f2aeae6e60fc15f82c65e9c40252f4aaf9d0d3276a7401a6adfb93b35e4794d9987229aa456dcddfcb85f8d8
- SSDEEP
  
  12288:1xkn6YuwDEgW0+K4tvzxn58XdUpGHnSieAi+Ze643VaxBP:nM6yG0+hhzxnidiGHSi3HuS
Score

10^/10

modiloader trojan persistence
- ModiLoader, DBatLoader
  ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
  trojan modiloader
- ModiLoader Second Stage
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

modiloadertrojan

behavioral2

modiloaderpersistencetrojan

© 2018-2024

Terms | Privacy