modiloader | 75d33edf358545fa7607fad81734902fabd9d4338319ca9a2fdac4f3d1ad128f | Triage

Submit
Reports

Overview

overview

Static

static

3

d2d925bb90...18.exe

windows7-x64

d2d925bb90...18.exe

windows10-2004-x64

Sharing

General

Target

d2d925bb90af25789ef2bd5fce902141_JaffaCakes118
Size

161KB
Sample

240907-z22laavhjl
MD5

d2d925bb90af25789ef2bd5fce902141
SHA1

cf419bda1d003d9ca40245fe41193657e2af1492
SHA256

75d33edf358545fa7607fad81734902fabd9d4338319ca9a2fdac4f3d1ad128f
SHA512

68c77fbcb5d47346f77cbf602555a0c05d0987e0895c055ab38585b17328445363fb04e958976dedba7a29fbd5c7d2b3add024492986c7b5ca090641433db242
SSDEEP

3072:bzcuUaFSwl0sxNXiizLUyfmy5I0EWFoL2H59+k0euTuhWxgf3SRoEl:bzcuHSwlnxZLu4d/oeuqRSRd

Score

10^/10

modiloader discovery persistence trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

d2d925bb90af25789ef2bd5fce902141_JaffaCakes118.exe

Resource

win7-20240903-en

modiloader discovery persistence trojan

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

d2d925bb90af25789ef2bd5fce902141_JaffaCakes118.exe

Resource

win10v2004-20240802-en

modiloader discovery persistence trojan

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Targets

- Target
  
  d2d925bb90af25789ef2bd5fce902141_JaffaCakes118
- Size
  
  161KB
- MD5
  
  d2d925bb90af25789ef2bd5fce902141
- SHA1
  
  cf419bda1d003d9ca40245fe41193657e2af1492
- SHA256
  
  75d33edf358545fa7607fad81734902fabd9d4338319ca9a2fdac4f3d1ad128f
- SHA512
  
  68c77fbcb5d47346f77cbf602555a0c05d0987e0895c055ab38585b17328445363fb04e958976dedba7a29fbd5c7d2b3add024492986c7b5ca090641433db242
- SSDEEP
  
  3072:bzcuUaFSwl0sxNXiizLUyfmy5I0EWFoL2H59+k0euTuhWxgf3SRoEl:bzcuHSwlnxZLu4d/oeuqRSRd
Score

10^/10

modiloader discovery persistence trojan
- ModiLoader, DBatLoader
  ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
  trojan modiloader
- ModiLoader Second Stage
- Adds policy Run key to start application
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

modiloaderdiscoverypersistencetrojan

behavioral2

modiloaderdiscoverypersistencetrojan

© 2018-2025

Terms | Privacy