modiloader | cb67844c1988b0738263573ebf7a2a2bf477ecfb9c2a51f3c65d586d17be9d18 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

3

8e181beb27...5f.exe

windows7-x64

8e181beb27...5f.exe

windows10-2004-x64

Sharing

General

Target

8e181beb277e9c40d3028f2c8efaf55f
Size

436KB
Sample

240204-dy1c6aaedp
MD5

8e181beb277e9c40d3028f2c8efaf55f
SHA1

a5b27d262a2fb59d941cb1a6ca6c6fbf15210a83
SHA256

cb67844c1988b0738263573ebf7a2a2bf477ecfb9c2a51f3c65d586d17be9d18
SHA512

768a6e39dbe49b1f537680f8aa241fc4b434dbcdf5569b4df8eef4ac5a02ec95caaf66e52d2abebcd0472bb515c22e450a92d1999990d2c0ad1991165889b50d
SSDEEP

6144:N1GWAE41wXoMpK8tFCQqztvtrEKlYuhRdUnTWEpFVoo2Uq1JXEKqRg6z/mGxUhIF:NYEj5tFi5Fr9lYI8LjUH5S1xUyH

Score

10^/10

modiloader persistence trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

8e181beb277e9c40d3028f2c8efaf55f.exe

Resource

win7-20231215-en

modiloader persistence trojan

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

8e181beb277e9c40d3028f2c8efaf55f.exe

Resource

win10v2004-20231215-en

modiloader persistence trojan

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  8e181beb277e9c40d3028f2c8efaf55f
- Size
  
  436KB
- MD5
  
  8e181beb277e9c40d3028f2c8efaf55f
- SHA1
  
  a5b27d262a2fb59d941cb1a6ca6c6fbf15210a83
- SHA256
  
  cb67844c1988b0738263573ebf7a2a2bf477ecfb9c2a51f3c65d586d17be9d18
- SHA512
  
  768a6e39dbe49b1f537680f8aa241fc4b434dbcdf5569b4df8eef4ac5a02ec95caaf66e52d2abebcd0472bb515c22e450a92d1999990d2c0ad1991165889b50d
- SSDEEP
  
  6144:N1GWAE41wXoMpK8tFCQqztvtrEKlYuhRdUnTWEpFVoo2Uq1JXEKqRg6z/mGxUhIF:NYEj5tFi5Fr9lYI8LjUH5S1xUyH
Score

10^/10

modiloader persistence trojan
- ModiLoader, DBatLoader
  ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
  trojan modiloader
- ModiLoader Second Stage
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

modiloaderpersistencetrojan

behavioral2

modiloaderpersistencetrojan

© 2018-2025

Terms | Privacy