modiloader | e710321bdb27fbab238bb50c6a2260457d8ff3e044001b0bca7f61ff045e403a | Triage

Submit
Reports

Overview

overview

Static

static

da2549f052...18.exe

windows7-x64

da2549f052...18.exe

windows10-2004-x64

Sharing

General

Target

da2549f05231e9d9fc2c64dca4c372cb_JaffaCakes118
Size

43KB
Sample

240911-mhek7avenk
MD5

da2549f05231e9d9fc2c64dca4c372cb
SHA1

eeecc38444afc4f2931c6e5c4beedbefe9cbc9b9
SHA256

e710321bdb27fbab238bb50c6a2260457d8ff3e044001b0bca7f61ff045e403a
SHA512

79336e09a23726d9b89982bd6e067746d747594b2251a187347890d97498a334dee70a8ea8e471ac7784676a8ecf0deb5fa1be1e7203c5838b1a46f2e9c17626
SSDEEP

768:1SIq/jORsQZfSLXvjcNcjEk3avaU2+KuEJM4seClAVB:UIq7ORsQK7MFaf+K36xe

Score

10^/10

modiloader collection discovery trojan

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

da2549f05231e9d9fc2c64dca4c372cb_JaffaCakes118.exe

Resource

win7-20240704-en

modiloader collection discovery trojan

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

da2549f05231e9d9fc2c64dca4c372cb_JaffaCakes118.exe

Resource

win10v2004-20240802-en

modiloader discovery trojan

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Targets

- Target
  
  da2549f05231e9d9fc2c64dca4c372cb_JaffaCakes118
- Size
  
  43KB
- MD5
  
  da2549f05231e9d9fc2c64dca4c372cb
- SHA1
  
  eeecc38444afc4f2931c6e5c4beedbefe9cbc9b9
- SHA256
  
  e710321bdb27fbab238bb50c6a2260457d8ff3e044001b0bca7f61ff045e403a
- SHA512
  
  79336e09a23726d9b89982bd6e067746d747594b2251a187347890d97498a334dee70a8ea8e471ac7784676a8ecf0deb5fa1be1e7203c5838b1a46f2e9c17626
- SSDEEP
  
  768:1SIq/jORsQZfSLXvjcNcjEk3avaU2+KuEJM4seClAVB:UIq7ORsQK7MFaf+K36xe
Score

10^/10

modiloader collection discovery trojan
- ModiLoader, DBatLoader
  ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
  trojan modiloader
- ModiLoader Second Stage
- Accesses Microsoft Outlook profiles
  collection
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Email Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

modiloadercollectiondiscoverytrojan

behavioral2

modiloaderdiscoverytrojan

© 2018-2025

Terms | Privacy