modiloader | 7de8abf5be3ec32abbb1025fadefe2e247fa469ddec53db23ca3b12c64da0085 | Triage

Submit
Reports

Overview

overview

Static

static

3

2d35fc445a...97.exe

windows7-x64

2d35fc445a...97.exe

windows10-2004-x64

Sharing

General

Target

2d35fc445ad68c7df2a746225f684597
Size

798KB
Sample

231231-h7ha6ahdb5
MD5

2d35fc445ad68c7df2a746225f684597
SHA1

e64e805034ecd9c624e880dcb5e3ef45572d166b
SHA256

7de8abf5be3ec32abbb1025fadefe2e247fa469ddec53db23ca3b12c64da0085
SHA512

9f0cfdd85f5d4615e54186fd0713e1e530d99af3e7d678ab3565c121a533461b7bf0273c78efc6f16d90fe8e92aae6a5ce730faf1e966f4d89c883742ee6265f
SSDEEP

12288:HuURJQz0q8+YXF1QRn82j9nBU38SsRE5xad+nHJMfTt1pKmqBDHVTUOC/:HX/QAqzUFaR9h08SOE5pH6jbEVTc/

Score

10^/10

modiloader persistence trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

2d35fc445ad68c7df2a746225f684597.exe

Resource

win7-20231215-en

modiloader persistence trojan

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral2

Sample

2d35fc445ad68c7df2a746225f684597.exe

Resource

win10v2004-20231215-en

modiloader persistence trojan

windows10-2004-x64

10 signatures

150 seconds

Malware Config

Targets

- Target
  
  2d35fc445ad68c7df2a746225f684597
- Size
  
  798KB
- MD5
  
  2d35fc445ad68c7df2a746225f684597
- SHA1
  
  e64e805034ecd9c624e880dcb5e3ef45572d166b
- SHA256
  
  7de8abf5be3ec32abbb1025fadefe2e247fa469ddec53db23ca3b12c64da0085
- SHA512
  
  9f0cfdd85f5d4615e54186fd0713e1e530d99af3e7d678ab3565c121a533461b7bf0273c78efc6f16d90fe8e92aae6a5ce730faf1e966f4d89c883742ee6265f
- SSDEEP
  
  12288:HuURJQz0q8+YXF1QRn82j9nBU38SsRE5xad+nHJMfTt1pKmqBDHVTUOC/:HX/QAqzUFaR9h08SOE5pH6jbEVTc/
Score

10^/10

modiloader persistence trojan
- ModiLoader, DBatLoader
  ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
  trojan modiloader
- ModiLoader Second Stage
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Drops file in System32 directory
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

modiloaderpersistencetrojan

behavioral2

modiloaderpersistencetrojan

© 2018-2025

Terms | Privacy