modiloader | 39056f4dabb6c9efacf106b733024d1a22736e6379cd2198cb37a8afbf247aaa | Triage

Submit
Reports

Overview

overview

Static

static

3

39056f4dab...aN.exe

windows7-x64

39056f4dab...aN.exe

windows10-2004-x64

Sharing

General

Target

39056f4dabb6c9efacf106b733024d1a22736e6379cd2198cb37a8afbf247aaaN.exe
Size

769KB
Sample

241130-rqfknszqdk
MD5

963a9fe267ddfa91c59eb7dbf190f270
SHA1

9ad43dcbd971d42ebfdba067117f937cd0cb8a7b
SHA256

39056f4dabb6c9efacf106b733024d1a22736e6379cd2198cb37a8afbf247aaa
SHA512

0a095c3c30e6fb72fc98706c70e1a2faf164a17d86e87229caffac5c8ca545de19cf02975b7db3c3a36e56c807c77dbebce7107a29718e200e31dff7b3ab1157
SSDEEP

12288:sYC5c18DJqoXVIaRnEFRjYHhCrAaVyly7iVPuNUNc3syNR40CXHKEHoob:Z6JXVFZ2ihUHVyc7iVPbNcO3XHK6b

Score

10^/10

modiloader discovery persistence trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

39056f4dabb6c9efacf106b733024d1a22736e6379cd2198cb37a8afbf247aaaN.exe

Resource

win7-20241023-en

modiloader discovery persistence trojan

windows7-x64

9 signatures

120 seconds

Behavioral task

behavioral2

Sample

39056f4dabb6c9efacf106b733024d1a22736e6379cd2198cb37a8afbf247aaaN.exe

Resource

win10v2004-20241007-en

modiloader discovery persistence trojan

windows10-2004-x64

8 signatures

120 seconds

Malware Config

Targets

- Target
  
  39056f4dabb6c9efacf106b733024d1a22736e6379cd2198cb37a8afbf247aaaN.exe
- Size
  
  769KB
- MD5
  
  963a9fe267ddfa91c59eb7dbf190f270
- SHA1
  
  9ad43dcbd971d42ebfdba067117f937cd0cb8a7b
- SHA256
  
  39056f4dabb6c9efacf106b733024d1a22736e6379cd2198cb37a8afbf247aaa
- SHA512
  
  0a095c3c30e6fb72fc98706c70e1a2faf164a17d86e87229caffac5c8ca545de19cf02975b7db3c3a36e56c807c77dbebce7107a29718e200e31dff7b3ab1157
- SSDEEP
  
  12288:sYC5c18DJqoXVIaRnEFRjYHhCrAaVyly7iVPuNUNc3syNR40CXHKEHoob:Z6JXVFZ2ihUHVyc7iVPbNcO3XHK6b
Score

10^/10

modiloader discovery persistence trojan
- ModiLoader, DBatLoader
  ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
  trojan modiloader
- Modiloader family
  modiloader
- ModiLoader Second Stage
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

modiloaderdiscoverypersistencetrojan

behavioral2

modiloaderdiscoverypersistencetrojan

© 2018-2025

Terms | Privacy