modiloader | 379e374520db63779edfdf1c48d1e44956b572da11e4d7786268f011eca716c5 | Triage

Submit
Reports

Overview

overview

Static

static

379e374520...5N.exe

windows7-x64

379e374520...5N.exe

windows10-2004-x64

Sharing

General

Target

379e374520db63779edfdf1c48d1e44956b572da11e4d7786268f011eca716c5N.exe
Size

324KB
Sample

250116-lla7hatpg1
MD5

35954658c16d55b18e0ec3c69e37fba0
SHA1

2b6382d757472f408283d5f588efeb7029cc2852
SHA256

379e374520db63779edfdf1c48d1e44956b572da11e4d7786268f011eca716c5
SHA512

5854b25c6df3ef545a18ccb48d03ff6d6c23b8a9a2e1e6b8d7266a826e71c935795ff2bec0283b50ef4823220ad3f3ac2ba66427b3fa7edc72c3ede6ed7f9711
SSDEEP

6144:QGyjnBSkuV1d4eZd88ORJIf/wTBt532GnhpcCO4oS0v:bYnBSkuVUeZdYqwT77oS

Score

10^/10

modiloader discovery evasion trojan upx

Static task

static1

4 signatures

Behavioral task

behavioral1

Sample

379e374520db63779edfdf1c48d1e44956b572da11e4d7786268f011eca716c5N.exe

Resource

win7-20241010-en

modiloader discovery evasion trojan upx

windows7-x64

9 signatures

120 seconds

Behavioral task

behavioral2

Sample

379e374520db63779edfdf1c48d1e44956b572da11e4d7786268f011eca716c5N.exe

Resource

win10v2004-20241007-en

modiloader discovery evasion trojan upx

windows10-2004-x64

9 signatures

120 seconds

Malware Config

Targets

- Target
  
  379e374520db63779edfdf1c48d1e44956b572da11e4d7786268f011eca716c5N.exe
- Size
  
  324KB
- MD5
  
  35954658c16d55b18e0ec3c69e37fba0
- SHA1
  
  2b6382d757472f408283d5f588efeb7029cc2852
- SHA256
  
  379e374520db63779edfdf1c48d1e44956b572da11e4d7786268f011eca716c5
- SHA512
  
  5854b25c6df3ef545a18ccb48d03ff6d6c23b8a9a2e1e6b8d7266a826e71c935795ff2bec0283b50ef4823220ad3f3ac2ba66427b3fa7edc72c3ede6ed7f9711
- SSDEEP
  
  6144:QGyjnBSkuV1d4eZd88ORJIf/wTBt532GnhpcCO4oS0v:bYnBSkuVUeZdYqwT77oS
Score

10^/10

modiloader discovery evasion trojan upx
- ModiLoader, DBatLoader
  ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
  trojan modiloader
- Modiloader family
  modiloader
- ModiLoader Second Stage
- Checks whether UAC is enabled
  evasion trojan
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

modiloaderdiscoveryevasiontrojanupx

behavioral2

modiloaderdiscoveryevasiontrojanupx

© 2018-2025

Terms | Privacy