modiloader | 58f235f64196b8029bb44cf28253bc4bb98242945ac3d60c6e84ddcfce5640ad | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1f3cee7d0e544980c62a0cca0cb4dcbb
Size

871KB
Sample

231225-pw9dtsegh8
MD5

1f3cee7d0e544980c62a0cca0cb4dcbb
SHA1

b9dd6c6309b0f2a53e1bfd9f53bdc15dfabd2147
SHA256

58f235f64196b8029bb44cf28253bc4bb98242945ac3d60c6e84ddcfce5640ad
SHA512

46606f35808c606ac064eb05940c178d969ceb0080389c4fb84c26d8fad3ee0c5cf21c5530a78bea38b0de78143edcee665651ab77c997105a130038cebde1f5
SSDEEP

12288:Y3oqJEnEbvGCokzsd73125zTkaP47dMfrGoa59YDcX6lGXi6+1G6A:Y3X/VzG7oTP47dWiLYDcXpit

Score

10^/10

modiloader trojan

Malware Config

Targets

- Target
  
  1f3cee7d0e544980c62a0cca0cb4dcbb
- Size
  
  871KB
- MD5
  
  1f3cee7d0e544980c62a0cca0cb4dcbb
- SHA1
  
  b9dd6c6309b0f2a53e1bfd9f53bdc15dfabd2147
- SHA256
  
  58f235f64196b8029bb44cf28253bc4bb98242945ac3d60c6e84ddcfce5640ad
- SHA512
  
  46606f35808c606ac064eb05940c178d969ceb0080389c4fb84c26d8fad3ee0c5cf21c5530a78bea38b0de78143edcee665651ab77c997105a130038cebde1f5
- SSDEEP
  
  12288:Y3oqJEnEbvGCokzsd73125zTkaP47dMfrGoa59YDcX6lGXi6+1G6A:Y3X/VzG7oTP47dWiLYDcXpit
Score

10^/10

modiloader trojan
- ModiLoader, DBatLoader
  ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
  trojan modiloader
- ModiLoader Second Stage
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

modiloadertrojan

behavioral2

modiloadertrojan