modiloader | 9f00a5fc9bdc5206d34d60f39e9872df590b4b71685afb0996e2d46e2b5a97d2 | Triage

Submit
Reports

Overview

overview

Static

static

1

9f00a5fc9b...d2.rtf

windows7-x64

9f00a5fc9b...d2.rtf

windows10-2004-x64

1

Sharing

General

Target

9f00a5fc9bdc5206d34d60f39e9872df590b4b71685afb0996e2d46e2b5a97d2.rtf
Size

101KB
Sample

240926-clb95athlb
MD5

7a9a05109dd848058fd327bc38459a3d
SHA1

a086488bd204ca42e9d522b769b94c9467ad5520
SHA256

9f00a5fc9bdc5206d34d60f39e9872df590b4b71685afb0996e2d46e2b5a97d2
SHA512

8dde56f67785f7594f1e4fe2a3b05519333daa980bae0fd84ffa34671d1d1f7507af6d04dba4909d3195db536ae2fd2782a6f45f5eb7f0df5015ca4b88e0925d
SSDEEP

768:mbTYjIXuCGvGvJSuv0AwTaTSvq1e397u1X:mojyValnaev+eNK

Score

10^/10

modiloader discovery trojan

Static task

static1

Behavioral task

behavioral1

Sample

9f00a5fc9bdc5206d34d60f39e9872df590b4b71685afb0996e2d46e2b5a97d2.rtf

Resource

win7-20240708-en

modiloader discovery trojan

windows7-x64

14 signatures

150 seconds

Behavioral task

behavioral2

Sample

9f00a5fc9bdc5206d34d60f39e9872df590b4b71685afb0996e2d46e2b5a97d2.rtf

Resource

win10v2004-20240910-en

windows10-2004-x64

4 signatures

150 seconds

Malware Config

Targets

- Target
  
  9f00a5fc9bdc5206d34d60f39e9872df590b4b71685afb0996e2d46e2b5a97d2.rtf
- Size
  
  101KB
- MD5
  
  7a9a05109dd848058fd327bc38459a3d
- SHA1
  
  a086488bd204ca42e9d522b769b94c9467ad5520
- SHA256
  
  9f00a5fc9bdc5206d34d60f39e9872df590b4b71685afb0996e2d46e2b5a97d2
- SHA512
  
  8dde56f67785f7594f1e4fe2a3b05519333daa980bae0fd84ffa34671d1d1f7507af6d04dba4909d3195db536ae2fd2782a6f45f5eb7f0df5015ca4b88e0925d
- SSDEEP
  
  768:mbTYjIXuCGvGvJSuv0AwTaTSvq1e397u1X:mojyValnaev+eNK
Score

10^/10

modiloader discovery trojan
- ModiLoader, DBatLoader
  ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
  trojan modiloader
- ModiLoader Second Stage
- Blocklisted process makes network request
- Downloads MZ/PE file
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Exploitation for Client Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

modiloaderdiscoverytrojan

behavioral2

© 2018-2025

Terms | Privacy