modiloader | 62ba77eac3136b0ecf90f0bd8655b7318eb3ca5512c26658b955a4b8b69c3fa5 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

NEAS.1420b...d0.exe

windows7-x64

NEAS.1420b...d0.exe

windows10-2004-x64

Sharing

General

Target

NEAS.1420b7348a453ccbcd1b249e6067d7d0.exe
Size

112KB
Sample

231103-tnabzsee3s
MD5

1420b7348a453ccbcd1b249e6067d7d0
SHA1

307b47994c84b9eb3a2373fb9a807b9c6c69730a
SHA256

62ba77eac3136b0ecf90f0bd8655b7318eb3ca5512c26658b955a4b8b69c3fa5
SHA512

1f12f93928f9a0649fd1e0ee85b0e1a59e868f433c9cea4a5f8bf30d3ed562cb4047138fec92ba28be4ad3d58dfd18597857f4f57b5e76a84a91fa747eb7d260
SSDEEP

1536:OxSq3EDGvJCUCMAzZi8300d6c0+FvmgyIhmchKwC:OPAGJCUCrs8k0d6cegr1hKw

Score

10^/10

modiloader persistence trojan

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

NEAS.1420b7348a453ccbcd1b249e6067d7d0.exe

Resource

win7-20231020-en

modiloader persistence trojan

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

NEAS.1420b7348a453ccbcd1b249e6067d7d0.exe

Resource

win10v2004-20231020-en

modiloader persistence trojan

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Targets

- Target
  
  NEAS.1420b7348a453ccbcd1b249e6067d7d0.exe
- Size
  
  112KB
- MD5
  
  1420b7348a453ccbcd1b249e6067d7d0
- SHA1
  
  307b47994c84b9eb3a2373fb9a807b9c6c69730a
- SHA256
  
  62ba77eac3136b0ecf90f0bd8655b7318eb3ca5512c26658b955a4b8b69c3fa5
- SHA512
  
  1f12f93928f9a0649fd1e0ee85b0e1a59e868f433c9cea4a5f8bf30d3ed562cb4047138fec92ba28be4ad3d58dfd18597857f4f57b5e76a84a91fa747eb7d260
- SSDEEP
  
  1536:OxSq3EDGvJCUCMAzZi8300d6c0+FvmgyIhmchKwC:OPAGJCUCrs8k0d6cegr1hKw
Score

10^/10

modiloader persistence trojan
- ModiLoader, DBatLoader
  ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
  trojan modiloader
- ModiLoader Second Stage
- Executes dropped EXE
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

modiloaderpersistencetrojan

behavioral2

modiloaderpersistencetrojan

© 2018-2025

Terms | Privacy