General

  • Target: 24766f7a010c187b602d221c26d5a823
  • Size: 677KB
  • Sample: 231225-rhrmzahcc3
  • MD5: 24766f7a010c187b602d221c26d5a823
  • SHA1: 3ddc77ddccc53021ab0701941ea652a1a22ce293
  • SHA256: 17d4525c32daf16d784fe28a29a07fc0066ac892d85ea09b7caa5bd4cb0c6d0e
  • SHA512: f751e8fe8044e6ea7104aa01c12e321b0e3e12e993893015a016a588fe13285f6fbadbbc8efc083d9c63a25bb8476369946bd6a0ece2d31700fe9b0199f0dec1
  • SSDEEP: 12288:HNMXUxQZEEnN23fDoNA+RoPJIwdpBjLW0/LQU4/924YcPxrfKT1eX6+LQbB6:tlGZVM0NRoVdTXvE124YcZ7K13+8bB6

Score
10/10

Malware Config

Targets

    • Target: werty.exe
    • Size: 1.0MB
    • MD5: 0c5bfdf29140cee7c34fa6166a1755c8
    • SHA1: adbc915a64c49396e67c6d2b6aaaeda987bd9eb5
    • SHA256: 9a9f94e9ff3046494728f6f9d12d4da6700b57b38d1a151d24b903f4d41758cd
    • SHA512: cd1b303b9cbdcae35c91f5f5e9efe3f532bde69189fe146f271c84bd258e60e0a66a347fd59247ead197c0abd7d4d208fec895a12aabf51f282d907e4b353f99
    • SSDEEP: 24576:IWBKQmXDpp02onnUhfH36pnBDoRUsujZdI/4XPU7eGAzxczoueZ7Z1:IMmTL0Vn2sUud+4XPr4ox

    Score
    10/10
    • ModiLoader, DBatLoader

      ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.

    • ModiLoader Second Stage

    • Drops file in Drivers directory

    • Checks computer location settings

      Looks up the country code configured in the registry; likely a geofence.

    • Executes dropped EXE

    • Loads dropped DLL

MITRE ATT&CK Enterprise v15

Tasks