modiloader | fd6cc37123112b9f982df1320590853dbda5745a9a227bc7dc1ee866516679fa | Triage

Submit
Reports

Overview

overview

Static

static

3

4a45a721aa...18.exe

windows7-x64

4a45a721aa...18.exe

windows10-2004-x64

Sharing

General

Target

4a45a721aa6ca893c0ab3ed35e123c37_JaffaCakes118
Size

285KB
Sample

240715-sw4ecszflb
MD5

4a45a721aa6ca893c0ab3ed35e123c37
SHA1

73bd56f3d576e6c8def39aa5ac02c50426a38ae7
SHA256

fd6cc37123112b9f982df1320590853dbda5745a9a227bc7dc1ee866516679fa
SHA512

8f07e0a18d491205d9cb535b437693174ba23e952d44f99e7f2b12c85871b112e4af208a5bdb7e75ec6713ae994a043381743fa7c250bf1adc166bf8c7a67b70
SSDEEP

6144:6S0V4yAf1iClOOnXcxKY5RnxWyfQs1F0Xd8Vxs1CkHS68RPbMLE1z:4V4yiiCBnXEph0Xd8VbJdR4g

Score

10^/10

modiloader trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

4a45a721aa6ca893c0ab3ed35e123c37_JaffaCakes118.exe

Resource

win7-20240704-en

modiloader trojan

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

4a45a721aa6ca893c0ab3ed35e123c37_JaffaCakes118.exe

Resource

win10v2004-20240704-en

modiloader trojan

windows10-2004-x64

11 signatures

150 seconds

Malware Config

Targets

- Target
  
  4a45a721aa6ca893c0ab3ed35e123c37_JaffaCakes118
- Size
  
  285KB
- MD5
  
  4a45a721aa6ca893c0ab3ed35e123c37
- SHA1
  
  73bd56f3d576e6c8def39aa5ac02c50426a38ae7
- SHA256
  
  fd6cc37123112b9f982df1320590853dbda5745a9a227bc7dc1ee866516679fa
- SHA512
  
  8f07e0a18d491205d9cb535b437693174ba23e952d44f99e7f2b12c85871b112e4af208a5bdb7e75ec6713ae994a043381743fa7c250bf1adc166bf8c7a67b70
- SSDEEP
  
  6144:6S0V4yAf1iClOOnXcxKY5RnxWyfQs1F0Xd8Vxs1CkHS68RPbMLE1z:4V4yiiCBnXEph0Xd8VbJdR4g
Score

10^/10

modiloader trojan
- ModiLoader, DBatLoader
  ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
  trojan modiloader
- ModiLoader Second Stage
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

modiloadertrojan

behavioral2

modiloadertrojan

© 2018-2025

Terms | Privacy