modiloader | 964ed7e43cc6386b44ec0fc938fef97489780e9ca5262084d752a61fdafa5976 | Triage

Submit
Reports

Overview

overview

Static

static

3

638CB74303...9A.exe

windows7-x64

638CB74303...9A.exe

windows10-2004-x64

Sharing

General

Target

638CB74303C3BECC203AFC4D596F819A.exe
Size

1.2MB
Sample

240908-ek8caaxapb
MD5

638cb74303c3becc203afc4d596f819a
SHA1

a422d6d28adf323a252392a4fd9417e9ea03031e
SHA256

964ed7e43cc6386b44ec0fc938fef97489780e9ca5262084d752a61fdafa5976
SHA512

ffef0e67e350fb1635891de9f28802379626a6a9353d7de1750db9af2169438b82db847b76ddc63e874b933e095bb1ed5e7be55d2b9cf15eb2942ac7b7a2d7b9
SSDEEP

24576:VqoHdjVhQ7+E8kW5SzKeVG5IOhozeUnpfoO6w+Nqo:VqYv6FWc0IsUnp

Score

10^/10

modiloader discovery persistence trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

638CB74303C3BECC203AFC4D596F819A.exe

Resource

win7-20240903-en

modiloader discovery trojan

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

638CB74303C3BECC203AFC4D596F819A.exe

Resource

win10v2004-20240802-en

modiloader discovery persistence trojan

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Targets

- Target
  
  638CB74303C3BECC203AFC4D596F819A.exe
- Size
  
  1.2MB
- MD5
  
  638cb74303c3becc203afc4d596f819a
- SHA1
  
  a422d6d28adf323a252392a4fd9417e9ea03031e
- SHA256
  
  964ed7e43cc6386b44ec0fc938fef97489780e9ca5262084d752a61fdafa5976
- SHA512
  
  ffef0e67e350fb1635891de9f28802379626a6a9353d7de1750db9af2169438b82db847b76ddc63e874b933e095bb1ed5e7be55d2b9cf15eb2942ac7b7a2d7b9
- SSDEEP
  
  24576:VqoHdjVhQ7+E8kW5SzKeVG5IOhozeUnpfoO6w+Nqo:VqYv6FWc0IsUnp
Score

10^/10

modiloader discovery trojan persistence
- ModiLoader, DBatLoader
  ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
  trojan modiloader
- ModiLoader Second Stage
- Executes dropped EXE
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

System Network Configuration Discovery

Internet Connection Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

modiloaderdiscoverytrojan

behavioral2

modiloaderdiscoverypersistencetrojan

© 2018-2025

Terms | Privacy