modiloader | a46f03ae4f900892f68811a37e0d87ed9ef37cf316e5afd2c27d82cba3deb008 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

3

b13b6e28e3...18.exe

windows7-x64

b13b6e28e3...18.exe

windows10-2004-x64

Sharing

General

Target

b13b6e28e3e02a62d42c09aca347a56e_JaffaCakes118
Size

21KB
Sample

240820-27m17aybng
MD5

b13b6e28e3e02a62d42c09aca347a56e
SHA1

6c1f69df7b9895e3247e369ece09a2bb43570475
SHA256

a46f03ae4f900892f68811a37e0d87ed9ef37cf316e5afd2c27d82cba3deb008
SHA512

72d0b79404fa6a45714b1de77268c5a4dcf9b2d0707b1e5c6d7b7a2b269d94a780be829bfc497b4d4a2b60cccdcc6034a2de8408759880c4ad16572ce4cede0e
SSDEEP

192:syrNCkGOuZJUAy7A4afcKK79y0BZOoWxZokqUYJLGiliH2JFPEY52MnHVhMYngMX:syrNNGOul14PQtZ5ilvL5bgHOS37Zyg

Score

10^/10

modiloader discovery trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

b13b6e28e3e02a62d42c09aca347a56e_JaffaCakes118.exe

Resource

win7-20240705-en

modiloader discovery trojan

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

b13b6e28e3e02a62d42c09aca347a56e_JaffaCakes118.exe

Resource

win10v2004-20240802-en

modiloader discovery trojan

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Targets

- Target
  
  b13b6e28e3e02a62d42c09aca347a56e_JaffaCakes118
- Size
  
  21KB
- MD5
  
  b13b6e28e3e02a62d42c09aca347a56e
- SHA1
  
  6c1f69df7b9895e3247e369ece09a2bb43570475
- SHA256
  
  a46f03ae4f900892f68811a37e0d87ed9ef37cf316e5afd2c27d82cba3deb008
- SHA512
  
  72d0b79404fa6a45714b1de77268c5a4dcf9b2d0707b1e5c6d7b7a2b269d94a780be829bfc497b4d4a2b60cccdcc6034a2de8408759880c4ad16572ce4cede0e
- SSDEEP
  
  192:syrNCkGOuZJUAy7A4afcKK79y0BZOoWxZokqUYJLGiliH2JFPEY52MnHVhMYngMX:syrNNGOul14PQtZ5ilvL5bgHOS37Zyg
Score

10^/10

modiloader discovery trojan
- ModiLoader, DBatLoader
  ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
  trojan modiloader
- ModiLoader Second Stage
- Deletes itself
- Executes dropped EXE
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

modiloaderdiscoverytrojan

behavioral2

modiloaderdiscoverytrojan

© 2018-2025

Terms | Privacy