modiloader | 8817202fda09d9bd88681a85f470400b1a9cc63d147653b230f09ce94c11e2a4 | Triage

Submit
Reports

Overview

overview

Static

static

4545fc10b2...18.exe

windows7-x64

4545fc10b2...18.exe

windows10-2004-x64

Sharing

General

Target

4545fc10b27ce3bb20b5cf9a41cac84e_JaffaCakes118
Size

397KB
Sample

240515-j5wlfagf7x
MD5

4545fc10b27ce3bb20b5cf9a41cac84e
SHA1

fdd3010c7fa4c126dc88b4fff1c2f0f807eecae4
SHA256

8817202fda09d9bd88681a85f470400b1a9cc63d147653b230f09ce94c11e2a4
SHA512

04c017e983d4740b8aac48e58df0d92356c2efee400a42c312456563b4e236d78b5d242a9e9692d2e343561c69b71fed2b5540b041bda27e8bc5ae7e487f0887
SSDEEP

6144:cLy84u9nSO2GjZkD10BIY3rb1YfBdfpoZ3u/Ht52w6JSeiFPXVhP:I+u9nx2GjMY3XKfd/H/9PPP

Score

10^/10

modiloader persistence trojan

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

4545fc10b27ce3bb20b5cf9a41cac84e_JaffaCakes118.exe

Resource

win7-20240508-en

modiloader persistence trojan

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

4545fc10b27ce3bb20b5cf9a41cac84e_JaffaCakes118.exe

Resource

win10v2004-20240508-en

modiloader persistence trojan

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Targets

- Target
  
  4545fc10b27ce3bb20b5cf9a41cac84e_JaffaCakes118
- Size
  
  397KB
- MD5
  
  4545fc10b27ce3bb20b5cf9a41cac84e
- SHA1
  
  fdd3010c7fa4c126dc88b4fff1c2f0f807eecae4
- SHA256
  
  8817202fda09d9bd88681a85f470400b1a9cc63d147653b230f09ce94c11e2a4
- SHA512
  
  04c017e983d4740b8aac48e58df0d92356c2efee400a42c312456563b4e236d78b5d242a9e9692d2e343561c69b71fed2b5540b041bda27e8bc5ae7e487f0887
- SSDEEP
  
  6144:cLy84u9nSO2GjZkD10BIY3rb1YfBdfpoZ3u/Ht52w6JSeiFPXVhP:I+u9nx2GjMY3XKfd/H/9PPP
Score

10^/10

modiloader persistence trojan
- ModiLoader, DBatLoader
  ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
  trojan modiloader
- ModiLoader Second Stage
- Modifies Installed Components in the registry
  persistence
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

modiloaderpersistencetrojan

behavioral2

modiloaderpersistencetrojan

© 2018-2024

Terms | Privacy