modiloader | aca4ee8dbc2166326ba7506f08e2faa3a886ce3eb3da9a4e8c9cec9a52977dc3 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

booking report.exe
Size

1.1MB
Sample

231002-mztfnshc71
MD5

7ba8094606ebf14c2223e132ba4e0a82
SHA1

e14137562afe5bd5a96dfe55eeb295e455e3ef0e
SHA256

aca4ee8dbc2166326ba7506f08e2faa3a886ce3eb3da9a4e8c9cec9a52977dc3
SHA512

e68573be89fefef4214fbc36faa22cc9c6b7aaa371181d391e7698f7f3773e76d461332a2da84046b70d7e4e7eb92542504a155219376a2f6964ba9736f36fd1
SSDEEP

12288:qE8C9kdWdEPv8zuVEdh9a6OLqvabdpmBkt1VEmA00P85Be2fgmv1qsM8HcZG3g5q:qEPudPPOuVsaoAjlD0P83H5M8OG3

Score

10^/10

modiloader persistence trojan

Malware Config

Targets

- Target
  
  booking report.exe
- Size
  
  1.1MB
- MD5
  
  7ba8094606ebf14c2223e132ba4e0a82
- SHA1
  
  e14137562afe5bd5a96dfe55eeb295e455e3ef0e
- SHA256
  
  aca4ee8dbc2166326ba7506f08e2faa3a886ce3eb3da9a4e8c9cec9a52977dc3
- SHA512
  
  e68573be89fefef4214fbc36faa22cc9c6b7aaa371181d391e7698f7f3773e76d461332a2da84046b70d7e4e7eb92542504a155219376a2f6964ba9736f36fd1
- SSDEEP
  
  12288:qE8C9kdWdEPv8zuVEdh9a6OLqvabdpmBkt1VEmA00P85Be2fgmv1qsM8HcZG3g5q:qEPudPPOuVsaoAjlD0P83H5M8OG3
Score

10^/10

modiloader trojan persistence
- ModiLoader, DBatLoader
  ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
  trojan modiloader
- ModiLoader Second Stage
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

Remote System Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

modiloadertrojan

behavioral2

modiloaderpersistencetrojan