modiloader | e8414dd64dbd95608d21a7b6171b875454f19a7f317f9cf6690448628fdfcf24 | Triage

Submit
Reports

Overview

overview

Static

static

1

DHL AWB# 7...33.xls

windows7-x64

DHL AWB# 7...33.xls

windows10-2004-x64

1

Sharing

General

Target

DHL AWB# 7954365333.xls
Size

280KB
Sample

240606-j8zr9sbg51
MD5

6ebcf0b1e040ec839f51640a35fa75f4
SHA1

84594217603fec2be41887b9361f565cbbd536b8
SHA256

e8414dd64dbd95608d21a7b6171b875454f19a7f317f9cf6690448628fdfcf24
SHA512

9aee1cab6c9af209b2408aade2b6122b399ca58594f8fa7453cbd6e6dec422014f1c3eff6db0055a12719c856709d4512db3376f02260dca4d665ad8c1c84c9f
SSDEEP

6144:qqFzL5LIT47HtxcbELOS8bBidbu7wGkMV4fonU8ZfI:qqFzu4LEb8OSgBugwZMEWUq

Score

10^/10

modiloader trojan

Static task

static1

Behavioral task

behavioral1

Sample

DHL AWB# 7954365333.xls

Resource

win7-20240508-en

modiloader trojan

windows7-x64

15 signatures

150 seconds

Behavioral task

behavioral2

Sample

DHL AWB# 7954365333.xls

Resource

win10v2004-20240508-en

windows10-2004-x64

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  DHL AWB# 7954365333.xls
- Size
  
  280KB
- MD5
  
  6ebcf0b1e040ec839f51640a35fa75f4
- SHA1
  
  84594217603fec2be41887b9361f565cbbd536b8
- SHA256
  
  e8414dd64dbd95608d21a7b6171b875454f19a7f317f9cf6690448628fdfcf24
- SHA512
  
  9aee1cab6c9af209b2408aade2b6122b399ca58594f8fa7453cbd6e6dec422014f1c3eff6db0055a12719c856709d4512db3376f02260dca4d665ad8c1c84c9f
- SSDEEP
  
  6144:qqFzL5LIT47HtxcbELOS8bBidbu7wGkMV4fonU8ZfI:qqFzu4LEb8OSgBugwZMEWUq
Score

10^/10

modiloader trojan
- ModiLoader, DBatLoader
  ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
  trojan modiloader
- ModiLoader Second Stage
- Blocklisted process makes network request
- Abuses OpenXML format to download file from external location
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Exploitation for Client Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

modiloadertrojan

behavioral2

© 2018-2024

Terms | Privacy