modiloader | 27907d89c5a36f439571be78de537702e872e6be14d404c8bdc145f7124cff2f | Triage

Submit
Reports

Overview

overview

Static

static

e5dc7f541c...18.exe

windows7-x64

e5dc7f541c...18.exe

windows10-2004-x64

Sharing

General

Target

e5dc7f541cf70dccf1baa1ba60b0f7ea_JaffaCakes118
Size

693KB
Sample

240917-bd377syenk
MD5

e5dc7f541cf70dccf1baa1ba60b0f7ea
SHA1

ef9027e9d66b9cc9180bb182b76dc53a3860e556
SHA256

27907d89c5a36f439571be78de537702e872e6be14d404c8bdc145f7124cff2f
SHA512

a2f0af56e3119f971a73648879f1715979eff36e71549998bfa0e7f752f6a3374f3b49fe68333e6d75040f68e86a55a547b4f0cfbdf8369a9e81677abc767c4c
SSDEEP

12288:Y3VJ/OYwligor0gT+hqeMzlqhlW4t6W7yHKl:Y3VJ/OZligK+gchlWxW7Hl

Score

10^/10

modiloader discovery trojan

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

e5dc7f541cf70dccf1baa1ba60b0f7ea_JaffaCakes118.exe

Resource

win7-20240729-en

modiloader discovery trojan

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

e5dc7f541cf70dccf1baa1ba60b0f7ea_JaffaCakes118.exe

Resource

win10v2004-20240802-en

modiloader discovery trojan

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Targets

- Target
  
  e5dc7f541cf70dccf1baa1ba60b0f7ea_JaffaCakes118
- Size
  
  693KB
- MD5
  
  e5dc7f541cf70dccf1baa1ba60b0f7ea
- SHA1
  
  ef9027e9d66b9cc9180bb182b76dc53a3860e556
- SHA256
  
  27907d89c5a36f439571be78de537702e872e6be14d404c8bdc145f7124cff2f
- SHA512
  
  a2f0af56e3119f971a73648879f1715979eff36e71549998bfa0e7f752f6a3374f3b49fe68333e6d75040f68e86a55a547b4f0cfbdf8369a9e81677abc767c4c
- SSDEEP
  
  12288:Y3VJ/OYwligor0gT+hqeMzlqhlW4t6W7yHKl:Y3VJ/OZligK+gchlWxW7Hl
Score

10^/10

modiloader discovery trojan
- ModiLoader, DBatLoader
  ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
  trojan modiloader
- ModiLoader Second Stage
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

modiloaderdiscoverytrojan

behavioral2

modiloaderdiscoverytrojan

© 2018-2025

Terms | Privacy