win.modern_loader (Back to overview)


aka: AvatarBot

According to PCrisk, ModernLoader, also known as Avatar Bot and AvatarLoader, is a malicious program that has minimalistic loader and RAT (Remote Access Trojan) functionalities.

Loader-type malware is designed to infect devices with additional malicious programs, while RATs enable remote access/control over infected machines. ModernLoader is capable of executing basic commands and injecting malicious modules into systems.

2022-08-30CiscoVanja Svajcer
@online{svajcer:20220830:modernloader:5b62dce, author = {Vanja Svajcer}, title = {{ModernLoader delivers multiple stealers, cryptominers and RATs}}, date = {2022-08-30}, organization = {Cisco}, url = {}, language = {English}, urldate = {2022-08-31} } ModernLoader delivers multiple stealers, cryptominers and RATs
Coinminer DCRat ModernLoader RedLine Stealer SapphireMiner SystemBC

There is no Yara-Signature yet.