modiloader | 5159f1c16ee8cfa35c97d99ffcbb7bd1363f5fe760e09071d70152bde8756843 | Triage

Submit
Reports

Overview

overview

Static

static

d540f19870...18.exe

windows7-x64

d540f19870...18.exe

windows10-2004-x64

Sharing

General

Target

d540f19870a5195c87f3039511b74774_JaffaCakes118
Size

546KB
Sample

240908-226lcazdqn
MD5

d540f19870a5195c87f3039511b74774
SHA1

2e3ccc1fb775b357482cf5bbb53b69716cc9e736
SHA256

5159f1c16ee8cfa35c97d99ffcbb7bd1363f5fe760e09071d70152bde8756843
SHA512

30a619527751a9187ba54a9cfc34dd65b191a1bfbfd219b31e4534a511eced4780ef21d684fd0a6b10077d14a089e5f1e5ae7130f3f0cc80d03f9a976ce6115d
SSDEEP

12288:Gh/UC6A+y1vbS+Vnjz936iOnQMkcB8iLpBfYBux:Gh/wA11vbS+VjZd2QMkl+pBfYQx

Score

10^/10

modiloader defense_evasion discovery trojan

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

d540f19870a5195c87f3039511b74774_JaffaCakes118.exe

Resource

win7-20240903-en

modiloader defense_evasion discovery trojan

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

d540f19870a5195c87f3039511b74774_JaffaCakes118.exe

Resource

win10v2004-20240802-en

modiloader defense_evasion discovery trojan

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Targets

- Target
  
  d540f19870a5195c87f3039511b74774_JaffaCakes118
- Size
  
  546KB
- MD5
  
  d540f19870a5195c87f3039511b74774
- SHA1
  
  2e3ccc1fb775b357482cf5bbb53b69716cc9e736
- SHA256
  
  5159f1c16ee8cfa35c97d99ffcbb7bd1363f5fe760e09071d70152bde8756843
- SHA512
  
  30a619527751a9187ba54a9cfc34dd65b191a1bfbfd219b31e4534a511eced4780ef21d684fd0a6b10077d14a089e5f1e5ae7130f3f0cc80d03f9a976ce6115d
- SSDEEP
  
  12288:Gh/UC6A+y1vbS+Vnjz936iOnQMkcB8iLpBfYBux:Gh/wA11vbS+VjZd2QMkl+pBfYQx
Score

10^/10

modiloader defense_evasion discovery trojan
- ModiLoader, DBatLoader
  ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
  trojan modiloader
- ModiLoader Second Stage
- Deletes itself
- Indicator Removal: File Deletion
  Adversaries may delete files left behind by the actions of their intrusion activity.
  defense_evasion
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Indicator Removal

File Deletion

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

modiloaderdefense_evasiondiscoverytrojan

behavioral2

modiloaderdefense_evasiondiscoverytrojan

© 2018-2025

Terms | Privacy