modiloader | f6142cf78b009b118166332df150bcdbc0428bdaf2542e250af299431dd27268 | Triage

Submit
Reports

Overview

overview

Static

static

1

f6142cf78b...268.gz

windows10-2004-x64

Resubmissions

20-12-2024 19:52

241220-ylsg1atjhk 10

20-12-2024 19:25

241220-x47h7sspgr 10

20-12-2024 19:25

241220-x4y7tsspgp 1

20-12-2024 19:14

241220-xxpd2ssjdy 10

Sharing

General

Target

f6142cf78b009b118166332df150bcdbc0428bdaf2542e250af299431dd27268.gz
Size

836KB
Sample

241220-x47h7sspgr
MD5

1b4d02ca1abe23f1948225d0846cf882
SHA1

becd7b6a9a665c16ef18b01772e2419e9b9bf8b9
SHA256

f6142cf78b009b118166332df150bcdbc0428bdaf2542e250af299431dd27268
SHA512

b89965b74105f7ffa6c8a2092116dadb9c6f6bb696ca34c9d4ccc7f902f92005c8803d2d9a90d74ab904119b36e5bf01c9ea157693f879001abebd23a6d23cfb
SSDEEP

24576:bMzscMk7UyOoZChSyco5AXYLIOfj3G4zTJsMmgbZX0oOA3OXxmS:bs0kyoISyco5AXYLIO7jpig1aA+XL

Score

10^/10

modiloader discovery trojan

Static task

static1

Behavioral task

behavioral1

Sample

f6142cf78b009b118166332df150bcdbc0428bdaf2542e250af299431dd27268.gz

Resource

win10v2004-20241007-fr

modiloader discovery trojan

windows10-2004-x64

14 signatures

900 seconds

Malware Config

Targets

- Target
  
  f6142cf78b009b118166332df150bcdbc0428bdaf2542e250af299431dd27268.gz
- Size
  
  836KB
- MD5
  
  1b4d02ca1abe23f1948225d0846cf882
- SHA1
  
  becd7b6a9a665c16ef18b01772e2419e9b9bf8b9
- SHA256
  
  f6142cf78b009b118166332df150bcdbc0428bdaf2542e250af299431dd27268
- SHA512
  
  b89965b74105f7ffa6c8a2092116dadb9c6f6bb696ca34c9d4ccc7f902f92005c8803d2d9a90d74ab904119b36e5bf01c9ea157693f879001abebd23a6d23cfb
- SSDEEP
  
  24576:bMzscMk7UyOoZChSyco5AXYLIOfj3G4zTJsMmgbZX0oOA3OXxmS:bs0kyoISyco5AXYLIO7jpig1aA+XL
Score

10^/10

modiloader discovery trojan
- ModiLoader, DBatLoader
  ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
  trojan modiloader
- Modiloader family
  modiloader
- ModiLoader Second Stage
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

modiloaderdiscoverytrojan

© 2018-2024

Terms | Privacy