modiloader | 22446044c78ccb2c5d08077bedd4c0b714a3d320501c4f9a0744db7ac93ce1b0 | Triage

Submit
Reports

Overview

overview

Static

static

68be40ed6c...18.exe

windows7-x64

68be40ed6c...18.exe

windows10-2004-x64

Sharing

General

Target

68be40ed6ce68d27c9e1da629b7d940c_JaffaCakes118
Size

270KB
Sample

240522-1mkvnahh7z
MD5

68be40ed6ce68d27c9e1da629b7d940c
SHA1

1f5856148c9a7affac02845c7149f32b4f611b9a
SHA256

22446044c78ccb2c5d08077bedd4c0b714a3d320501c4f9a0744db7ac93ce1b0
SHA512

26bd551a3c4cee0f18310953897dd06459a3b507c78a5740cbc9ffe5f7611166a337c7aea6132fe1b782520b1fde8c94bd45e8e4a99808abd77cb6435bd8160d
SSDEEP

6144:qGyjnBSkuV1d4eZd88ORJIf/wTB4R531pc:5YnBSkuVUeZdYqwTq

Score

10^/10

modiloader evasion trojan

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

68be40ed6ce68d27c9e1da629b7d940c_JaffaCakes118.exe

Resource

win7-20240508-en

modiloader evasion trojan

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

68be40ed6ce68d27c9e1da629b7d940c_JaffaCakes118.exe

Resource

win10v2004-20240426-en

modiloader evasion trojan

windows10-2004-x64

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  68be40ed6ce68d27c9e1da629b7d940c_JaffaCakes118
- Size
  
  270KB
- MD5
  
  68be40ed6ce68d27c9e1da629b7d940c
- SHA1
  
  1f5856148c9a7affac02845c7149f32b4f611b9a
- SHA256
  
  22446044c78ccb2c5d08077bedd4c0b714a3d320501c4f9a0744db7ac93ce1b0
- SHA512
  
  26bd551a3c4cee0f18310953897dd06459a3b507c78a5740cbc9ffe5f7611166a337c7aea6132fe1b782520b1fde8c94bd45e8e4a99808abd77cb6435bd8160d
- SSDEEP
  
  6144:qGyjnBSkuV1d4eZd88ORJIf/wTB4R531pc:5YnBSkuVUeZdYqwTq
Score

10^/10

modiloader evasion trojan
- ModiLoader, DBatLoader
  ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
  trojan modiloader
- UAC bypass
  evasion trojan
- ModiLoader Second Stage
- Loads dropped DLL
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Abuse Elevation Control Mechanism

Bypass User Account Control

Defense Evasion

Abuse Elevation Control Mechanism

Bypass User Account Control

Impair Defenses

Disable or Modify Tools

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

modiloaderevasiontrojan

behavioral2

modiloaderevasiontrojan

© 2018-2024

Terms | Privacy