modiloader | 95d7eae73cb003e6ce7187fb688959d9c060edf0d60f3e59a710dfd4c899d97e | Triage

Submit
Reports

Overview

overview

Static

static

1

Hid.bat

windows10-ltsc 2021-x64

Sharing

General

Target

12.zip
Size

188B
Sample

241218-xsx6dsyrcp
MD5

c36d73088bbaff77e91d079bb36ed17d
SHA1

ca73bbe412362e6b869bea49319cd4447a32bcf8
SHA256

95d7eae73cb003e6ce7187fb688959d9c060edf0d60f3e59a710dfd4c899d97e
SHA512

fb6b2d3097276a7ac995c7f1a445da77d183a4b2de341995940d56bea8fd273295e2be0e9ce17cb78f2cceb50d7d51e5b801c11da7a099ed98d9e8872e7b3045

Score

10^/10

modiloader aspackv2 defense_evasion discovery persistence trojan

Static task

static1

Behavioral task

behavioral1

Sample

Hid.bat

Resource

win10ltsc2021-20241211-en

modiloader aspackv2 defense_evasion discovery persistence trojan

windows10-ltsc 2021-x64

23 signatures

150 seconds

Malware Config

Targets

- Target
  
  Hid.bat
- Size
  
  40B
- MD5
  
  6a94c7d5bb1ec5f3587299358ab73826
- SHA1
  
  86de690ed264cac2ac9e3bea74ef4b12d071d01b
- SHA256
  
  90852e8db4b9a3a0a01bcf23589c1cf2f6b904387065a0382bcf441eadcd0600
- SHA512
  
  1d0ca8c4feadb7ee5b117c140b7c118ed3531a3c6ef044d5ac142c103adedd3a8ec3e6f4d83afde41f734c6b1249236820e598a5b035a3151a8efd4c3c62e813
Score

10^/10

modiloader aspackv2 defense_evasion discovery persistence trojan
- ModiLoader, DBatLoader
  ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
  trojan modiloader
- Modiloader family
  modiloader
- ModiLoader Second Stage
- ASPack v2.12-2.42
  Detects executables packed with ASPack v2.12-2.42
  aspackv2
- Executes dropped EXE
- Impair Defenses: Safe Mode Boot
  defense_evasion
- Adds Run key to start application
  persistence
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Impair Defenses

Safe Mode Boot

Modify Registry

Credential Access

Discovery

Browser Information Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

modiloaderaspackv2defense_evasiondiscoverypersistencetrojan

© 2018-2024

Terms | Privacy