modiloader | df5527a90177404a0a270f93c9ef9dc4d8fad716ce24b0502eeca9a47b8ca19e | Triage

Submit
Reports

Overview

overview

Static

static

3

a3e2c0b57f...18.exe

windows7-x64

a3e2c0b57f...18.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

Target

a3e2c0b57fb62debdecb734066e7e743_JaffaCakes118
Size

218KB
Sample

240817-ygrd5swcpj
MD5

a3e2c0b57fb62debdecb734066e7e743
SHA1

fe29d146bc4f69ab3d6f8060c420b1883f33c07a
SHA256

df5527a90177404a0a270f93c9ef9dc4d8fad716ce24b0502eeca9a47b8ca19e
SHA512

2a2314125c13a602433de2a480f94ae7b7cdc4a90d4132c4b9eddca43004ab960ccfe24dcabcc12173ed8078f98e62251bbee5a385ba0eef12323c6392049e6a
SSDEEP

6144:mWq/S8mIdqoR+tvCNCL85NQOuLtfdRrRG8ugxya:+p/otvCy0QOmfH4gxya

Score

10^/10

modiloader defense_evasion discovery trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

a3e2c0b57fb62debdecb734066e7e743_JaffaCakes118.exe

Resource

win7-20240729-en

modiloader defense_evasion discovery trojan

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

a3e2c0b57fb62debdecb734066e7e743_JaffaCakes118.exe

Resource

win10v2004-20240802-en

modiloader defense_evasion discovery trojan

windows10-2004-x64

10 signatures

150 seconds

Malware Config

Targets

- Target
  
  a3e2c0b57fb62debdecb734066e7e743_JaffaCakes118
- Size
  
  218KB
- MD5
  
  a3e2c0b57fb62debdecb734066e7e743
- SHA1
  
  fe29d146bc4f69ab3d6f8060c420b1883f33c07a
- SHA256
  
  df5527a90177404a0a270f93c9ef9dc4d8fad716ce24b0502eeca9a47b8ca19e
- SHA512
  
  2a2314125c13a602433de2a480f94ae7b7cdc4a90d4132c4b9eddca43004ab960ccfe24dcabcc12173ed8078f98e62251bbee5a385ba0eef12323c6392049e6a
- SSDEEP
  
  6144:mWq/S8mIdqoR+tvCNCL85NQOuLtfdRrRG8ugxya:+p/otvCy0QOmfH4gxya
Score

10^/10

modiloader defense_evasion discovery trojan
- ModiLoader, DBatLoader
  ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
  trojan modiloader
- ModiLoader Second Stage
- Deletes itself
- Indicator Removal: File Deletion
  Adversaries may delete files left behind by the actions of their intrusion activity.
  defense_evasion
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Indicator Removal

File Deletion

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

modiloaderdefense_evasiondiscoverytrojan

behavioral2

modiloaderdefense_evasiondiscoverytrojan

© 2018-2025

Terms | Privacy