modiloader | 4851611ebb2a33698be0ed454cbaf495d86925ef472c6cdc5b799e259c573b3c | Triage

Submit
Reports

Overview

overview

Static

static

1fedfc97d5...a8.exe

windows7-x64

1fedfc97d5...a8.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

Target

1fedfc97d52dc13ed6cebde7519bf7a8
Size

730KB
Sample

231225-bn94haabc2
MD5

1fedfc97d52dc13ed6cebde7519bf7a8
SHA1

a5586c63c2e4eb65ce4c3f1a3070e7e01fbba470
SHA256

4851611ebb2a33698be0ed454cbaf495d86925ef472c6cdc5b799e259c573b3c
SHA512

aa67f72731ff7045ae899d4ba2cf861149c8524c92e38de2eee0bb707745a87bff6a0c7210abdf3a3ebfb49e3d34edec4588f3ba167368c8a8b64a311aaa829e
SSDEEP

12288:Y9nTQAiVtuiwlF4w+dGnS0LzPgm8cryDYTS7b9ihfJEdp86nH3UqCILs9:Y9nNMmlyeS0LzgsryuS7b9ihz6Ox

Score

10^/10

modiloader persistence trojan

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

1fedfc97d52dc13ed6cebde7519bf7a8.exe

Resource

win7-20231215-en

modiloader persistence trojan

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

1fedfc97d52dc13ed6cebde7519bf7a8.exe

Resource

win10v2004-20231215-en

modiloader persistence trojan

windows10-2004-x64

4 signatures

150 seconds

Malware Config

Targets

- Target
  
  1fedfc97d52dc13ed6cebde7519bf7a8
- Size
  
  730KB
- MD5
  
  1fedfc97d52dc13ed6cebde7519bf7a8
- SHA1
  
  a5586c63c2e4eb65ce4c3f1a3070e7e01fbba470
- SHA256
  
  4851611ebb2a33698be0ed454cbaf495d86925ef472c6cdc5b799e259c573b3c
- SHA512
  
  aa67f72731ff7045ae899d4ba2cf861149c8524c92e38de2eee0bb707745a87bff6a0c7210abdf3a3ebfb49e3d34edec4588f3ba167368c8a8b64a311aaa829e
- SSDEEP
  
  12288:Y9nTQAiVtuiwlF4w+dGnS0LzPgm8cryDYTS7b9ihfJEdp86nH3UqCILs9:Y9nNMmlyeS0LzgsryuS7b9ihz6Ox
Score

10^/10

modiloader persistence trojan
- ModiLoader, DBatLoader
  ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
  trojan modiloader
- ModiLoader Second Stage
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

modiloaderpersistencetrojan

behavioral2

modiloaderpersistencetrojan

© 2018-2025

Terms | Privacy