modiloader | 38c3b07b574abc69b31efc0f98c252214551dd526948293a6f70b79f54dd8bb3 | Triage

Submit
Reports

Overview

overview

Static

static

3

WaveCracked_Setup.exe

windows11-21h2-x64

Sharing

General

Target

WaveCracked_Setup.exe
Size

45KB
Sample

250111-14xwjsvjdp
MD5

7101449b9a90ea416179cefbb79bf959
SHA1

32d2be427b63fd96a14ded9d64a68ff05a674fdb
SHA256

38c3b07b574abc69b31efc0f98c252214551dd526948293a6f70b79f54dd8bb3
SHA512

6ce87169bb0cf49b5fb1fbf21040cbc2367da7abacb3cce0eaac0142ee59bd43508a27d5eb45ca5c3b1269dfccfb1b2cf50df048f694cc98d501768b271d2f82
SSDEEP

768:aH4QlpbwGgC7eNB9kTvObyCawfTWccGLrrd9w3NGuDgN:6lpVgi7Obl9faoLrrd9cGuc

Score

10^/10

modiloader aspackv2 discovery evasion execution trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

WaveCracked_Setup.exe

Resource

win11-20241007-en

modiloader aspackv2 discovery evasion execution trojan

windows11-21h2-x64

22 signatures

300 seconds

Malware Config

Targets

- Target
  
  WaveCracked_Setup.exe
- Size
  
  45KB
- MD5
  
  7101449b9a90ea416179cefbb79bf959
- SHA1
  
  32d2be427b63fd96a14ded9d64a68ff05a674fdb
- SHA256
  
  38c3b07b574abc69b31efc0f98c252214551dd526948293a6f70b79f54dd8bb3
- SHA512
  
  6ce87169bb0cf49b5fb1fbf21040cbc2367da7abacb3cce0eaac0142ee59bd43508a27d5eb45ca5c3b1269dfccfb1b2cf50df048f694cc98d501768b271d2f82
- SSDEEP
  
  768:aH4QlpbwGgC7eNB9kTvObyCawfTWccGLrrd9w3NGuDgN:6lpVgi7Obl9faoLrrd9cGuc
Score

10^/10

modiloader aspackv2 discovery evasion execution trojan
- ModiLoader, DBatLoader
  ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
  trojan modiloader
- Modifies Windows Defender Real-time Protection settings
  evasion trojan
- Modiloader family
  modiloader
- ModiLoader Second Stage
- ASPack v2.12-2.42
  Detects executables packed with ASPack v2.12-2.42
  aspackv2
- Executes dropped EXE
- Command and Scripting Interpreter: PowerShell
  Start PowerShell.
  execution
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

PowerShell

Persistence

Create or Modify System Process

Windows Service

Privilege Escalation

Create or Modify System Process

Windows Service

Defense Evasion

Impair Defenses

Disable or Modify Tools

Modify Registry

Credential Access

Discovery

Browser Information Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

modiloaderaspackv2discoveryevasionexecutiontrojan

© 2018-2025

Terms | Privacy