Overview

overview

10

Static

static

1

URLScan

urlscan

1

https://linkvertise....

windows11-21h2-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    https://linkvertise.com/1208172/solara-bootstrapper?o=sharing

  • Sample

    241223-yg1yksyqhm

Score
10/10
modiloaderdefense_evasiondiscoverypersistencetrojan

Malware Config

Targets

    • Target

      https://linkvertise.com/1208172/solara-bootstrapper?o=sharing

    Score
    10/10
    modiloaderdefense_evasiondiscoverypersistencetrojan

    • ModiLoader, DBatLoader

      ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.

      trojanmodiloader

    • Modiloader family

      modiloader

    • ModiLoader Second Stage

    • Boot or Logon Autostart Execution: Active Setup

      Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.

      persistence

    • Executes dropped EXE

    • Impair Defenses: Safe Mode Boot

      defense_evasion

    • Adds Run key to start application

      persistence

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    behavioral1

MITRE ATT&CK Enterprise v15

Tasks