modiloader | 5dcbf984225d5a2f42d6382630a97b57a097954925465c1369e106efb83cda0c

General

Target

5dcbf984225d5a2f42d6382630a97b57a097954925465c1369e106efb83cda0c.exe
Size

1.6MB
Sample

250310-nhgafssyhs
MD5

55121a01357e08afbb13cd866842160f
SHA1

9baadb101bc10773b9b3b193f8f002e3b5711115
SHA256

5dcbf984225d5a2f42d6382630a97b57a097954925465c1369e106efb83cda0c
SHA512

ec844e64c3f756c2e4195a3d419654818dadc4b5fb678a2af6df7b6efdac4c4c0a1f56c7c3be61eea8dcc5f98e8da97e47f1e918a8e3b5fb1adc72700f5c791c
SSDEEP

24576:i8tlnAd8xNapQHnIuetlVP8w9Si/6nvVlp0cYYa4Tdk4EzS65+19T:iqqqJvI88Si/SvVFnTS4Q5+1V

Score

10^/10

Malware Config

Extracted

Family

warzonerat

C2

198.46.177.153:4532

Targets

- Target
  
  5dcbf984225d5a2f42d6382630a97b57a097954925465c1369e106efb83cda0c.exe
- Size
  
  1.6MB
- MD5
  
  55121a01357e08afbb13cd866842160f
- SHA1
  
  9baadb101bc10773b9b3b193f8f002e3b5711115
- SHA256
  
  5dcbf984225d5a2f42d6382630a97b57a097954925465c1369e106efb83cda0c
- SHA512
  
  ec844e64c3f756c2e4195a3d419654818dadc4b5fb678a2af6df7b6efdac4c4c0a1f56c7c3be61eea8dcc5f98e8da97e47f1e918a8e3b5fb1adc72700f5c791c
- SSDEEP
  
  24576:i8tlnAd8xNapQHnIuetlVP8w9Si/6nvVlp0cYYa4Tdk4EzS65+19T:iqqqJvI88Si/SvVFnTS4Q5+1V
Score

10^/10

discovery modiloader warzonerat collection infostealer rat trojan
- ModiLoader, DBatLoader
  ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
  trojan modiloader
- Modiloader family
  modiloader
- WarzoneRat, AveMaria
  WarzoneRat is a native RAT developed in C++ with multiple plugins sold as a MaaS.
  rat infostealer warzonerat
- Warzonerat family
  warzonerat
- ModiLoader Second Stage
- Warzone RAT payload
  rat
- Loads dropped DLL
- Accesses Microsoft Outlook profiles
  collection
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Email Collection

1

T1114

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

ModiLoader, DBatLoader

Modiloader family

WarzoneRat, AveMaria

Warzonerat family

ModiLoader Second Stage

Warzone RAT payload

Loads dropped DLL

Accesses Microsoft Outlook profiles

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

We care about your privacy.