modiloader | 460393d4b25d6e2e6185748207a790c98f69c5dd6ed57a5fe0c94fa6e986ff47 | Triage

Sharing

General

Target

eabe079f3df9a7c7c94744c696936f39_JaffaCakes118
Size

886KB
Sample

240410-k95wcadd7x
MD5

eabe079f3df9a7c7c94744c696936f39
SHA1

e0f736161bdebe6e387de2ea5c52a961d8dd6006
SHA256

460393d4b25d6e2e6185748207a790c98f69c5dd6ed57a5fe0c94fa6e986ff47
SHA512

68406974defd7c64d42fb92093926828036247d3e5806c91aa5e0ad911e220c0d9483e3357b14e4b23678e8159eb50a61f07fb9fee2e557aa548f6fe9e05dd29
SSDEEP

12288:jrmgDOXRVBMr+PIgdwke5XtICweJPcdGWctYScYjY65RnuoUjsCJb3:jrmgKXTMAdwke5uCBJ8GNtYCM6MA6

Score

10^/10

modiloader trojan

Malware Config

Targets

- Target
  
  eabe079f3df9a7c7c94744c696936f39_JaffaCakes118
- Size
  
  886KB
- MD5
  
  eabe079f3df9a7c7c94744c696936f39
- SHA1
  
  e0f736161bdebe6e387de2ea5c52a961d8dd6006
- SHA256
  
  460393d4b25d6e2e6185748207a790c98f69c5dd6ed57a5fe0c94fa6e986ff47
- SHA512
  
  68406974defd7c64d42fb92093926828036247d3e5806c91aa5e0ad911e220c0d9483e3357b14e4b23678e8159eb50a61f07fb9fee2e557aa548f6fe9e05dd29
- SSDEEP
  
  12288:jrmgDOXRVBMr+PIgdwke5XtICweJPcdGWctYScYjY65RnuoUjsCJb3:jrmgKXTMAdwke5uCBJ8GNtYCM6MA6
Score

10^/10

modiloader trojan
- ModiLoader, DBatLoader
  ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
  trojan modiloader
- ModiLoader Second Stage
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

modiloadertrojan

behavioral2

modiloadertrojan