modiloader | 086d35f26bd2fd886e99744960b394d94e74133c40145a3e2bc6b3877b91ec5d | Triage

Sharing

General

Target

NetWire.exe
Size

1.2MB
Sample

250205-rvgnjazpcx
MD5

7621f79a7f66c25ad6c636d5248abeb9
SHA1

98304e41f82c3aee82213a286abdee9abf79bcce
SHA256

086d35f26bd2fd886e99744960b394d94e74133c40145a3e2bc6b3877b91ec5d
SHA512

59ffcf6eeac00c089e9c77192663d0dc97b2e62cedb6d64fe7dc2e67499abc34e33977e05113c9d39ca6d3e37e8b5c3e6aa926c8526215808b147c0152f7dbfd
SSDEEP

24576:nBlDgE7EmXWAqSvg439vGSVNe1/hqIiHSvd7:n7DlC+GSjiBiyF

Score

10^/10

modiloader discovery trojan

Malware Config

Extracted

Family

modiloader

C2

https://drive.google.com/u/0/uc?id=1TcSctGVBajYMA7CFDc158wpvqkpxmkhJ&export=download

Targets

- Target
  
  NetWire.exe
- Size
  
  1.2MB
- MD5
  
  7621f79a7f66c25ad6c636d5248abeb9
- SHA1
  
  98304e41f82c3aee82213a286abdee9abf79bcce
- SHA256
  
  086d35f26bd2fd886e99744960b394d94e74133c40145a3e2bc6b3877b91ec5d
- SHA512
  
  59ffcf6eeac00c089e9c77192663d0dc97b2e62cedb6d64fe7dc2e67499abc34e33977e05113c9d39ca6d3e37e8b5c3e6aa926c8526215808b147c0152f7dbfd
- SSDEEP
  
  24576:nBlDgE7EmXWAqSvg439vGSVNe1/hqIiHSvd7:n7DlC+GSjiBiyF
Score

10^/10

modiloader discovery trojan
- ModiLoader, DBatLoader
  ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
  trojan modiloader
- Modiloader family
  modiloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

modiloaderdiscoverytrojan

behavioral2

modiloaderdiscoverytrojan