modiloader | 25862ad301f8b84c809256c04c3fa08eae435b77639a2d1e7a92cea143749a2e | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

adfce8d0f5...18.exe

windows7-x64

adfce8d0f5...18.exe

windows10-2004-x64

Sharing

General

Target

adfce8d0f5416107a8acd10dde03c1fe_JaffaCakes118
Size

739KB
Sample

240820-fy9b6syemp
MD5

adfce8d0f5416107a8acd10dde03c1fe
SHA1

3e1b9649c0e55f503ab5a30bb7b6240f62c848d5
SHA256

25862ad301f8b84c809256c04c3fa08eae435b77639a2d1e7a92cea143749a2e
SHA512

b3730b36cb46984f64740d29f464f6bb7fc15226df628bb702bc3eefb3a20d629bb247eb50151925851e867e64e85b8f39f951f0018615dd52da97c7d0f32ceb
SSDEEP

12288:RLfYODg2j5RQrFEsRLlF3/qynqj9aMeyZgK2IWATHgcK:xQNO5RQrC0vPxqjo/sMATHgv

Score

10^/10

modiloader discovery trojan

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

adfce8d0f5416107a8acd10dde03c1fe_JaffaCakes118.exe

Resource

win7-20240729-en

modiloader discovery trojan

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

adfce8d0f5416107a8acd10dde03c1fe_JaffaCakes118.exe

Resource

win10v2004-20240802-en

modiloader discovery trojan

windows10-2004-x64

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  adfce8d0f5416107a8acd10dde03c1fe_JaffaCakes118
- Size
  
  739KB
- MD5
  
  adfce8d0f5416107a8acd10dde03c1fe
- SHA1
  
  3e1b9649c0e55f503ab5a30bb7b6240f62c848d5
- SHA256
  
  25862ad301f8b84c809256c04c3fa08eae435b77639a2d1e7a92cea143749a2e
- SHA512
  
  b3730b36cb46984f64740d29f464f6bb7fc15226df628bb702bc3eefb3a20d629bb247eb50151925851e867e64e85b8f39f951f0018615dd52da97c7d0f32ceb
- SSDEEP
  
  12288:RLfYODg2j5RQrFEsRLlF3/qynqj9aMeyZgK2IWATHgcK:xQNO5RQrC0vPxqjo/sMATHgv
Score

10^/10

modiloader discovery trojan
- ModiLoader, DBatLoader
  ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
  trojan modiloader
- ModiLoader Second Stage
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

modiloaderdiscoverytrojan

behavioral2

modiloaderdiscoverytrojan

© 2018-2025

Terms | Privacy