modiloader | ac0e5d1f233f391959f1b6cb2d2d9663d8c05cf8cfaca2eb0a548750ae26e411 | Triage

Submit
Reports

Overview

overview

Static

static

3

dcf04c2cc7...18.exe

windows7-x64

dcf04c2cc7...18.exe

windows10-2004-x64

Sharing

General

Target

dcf04c2cc7f19b59a0bdd421b4099cad_JaffaCakes118
Size

358KB
Sample

240912-yj68da1ejp
MD5

dcf04c2cc7f19b59a0bdd421b4099cad
SHA1

595bc4df3cf36487566da6562565cf9797514532
SHA256

ac0e5d1f233f391959f1b6cb2d2d9663d8c05cf8cfaca2eb0a548750ae26e411
SHA512

8ca3715076ab43a30072042c13355a000ce38b37813b82bed7c4192a4670d687e5ba4576ceedb386901bf23099bd6cd6704f8d83a27c77788b485176ce559f9f
SSDEEP

6144:V1GWAE41PIEnpmDxRon0Me4FDM8iD56e1zxs1gLLoTwPvJjFi46Bg3vUR1hyrE5:VYDrAxRUdFo8QJFxEwNQ9g/wt

Score

10^/10

modiloader discovery persistence trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

dcf04c2cc7f19b59a0bdd421b4099cad_JaffaCakes118.exe

Resource

win7-20240903-en

modiloader discovery persistence trojan

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

dcf04c2cc7f19b59a0bdd421b4099cad_JaffaCakes118.exe

Resource

win10v2004-20240802-en

modiloader discovery persistence trojan

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  dcf04c2cc7f19b59a0bdd421b4099cad_JaffaCakes118
- Size
  
  358KB
- MD5
  
  dcf04c2cc7f19b59a0bdd421b4099cad
- SHA1
  
  595bc4df3cf36487566da6562565cf9797514532
- SHA256
  
  ac0e5d1f233f391959f1b6cb2d2d9663d8c05cf8cfaca2eb0a548750ae26e411
- SHA512
  
  8ca3715076ab43a30072042c13355a000ce38b37813b82bed7c4192a4670d687e5ba4576ceedb386901bf23099bd6cd6704f8d83a27c77788b485176ce559f9f
- SSDEEP
  
  6144:V1GWAE41PIEnpmDxRon0Me4FDM8iD56e1zxs1gLLoTwPvJjFi46Bg3vUR1hyrE5:VYDrAxRUdFo8QJFxEwNQ9g/wt
Score

10^/10

modiloader discovery persistence trojan
- ModiLoader, DBatLoader
  ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
  trojan modiloader
- ModiLoader Second Stage
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

modiloaderdiscoverypersistencetrojan

behavioral2

modiloaderdiscoverypersistencetrojan

© 2018-2025

Terms | Privacy