modiloader | 810b08134a3a1d41d3875945eefdf1b4956f5b9c45bc105c090cae18a44bd1f3 | Triage

Submit
Reports

Overview

overview

Static

static

3

ea0c4dc00e...18.exe

windows7-x64

ea0c4dc00e...18.exe

windows10-2004-x64

Sharing

General

Target

ea0c4dc00e4d02dc64724179ef8f7fd0_JaffaCakes118
Size

144KB
Sample

240918-1xpxcsvfqf
MD5

ea0c4dc00e4d02dc64724179ef8f7fd0
SHA1

527b92e6b316b34ee9e1fe70e643fc74ecbb04d5
SHA256

810b08134a3a1d41d3875945eefdf1b4956f5b9c45bc105c090cae18a44bd1f3
SHA512

a9f7f6aa0669a350959ed36c588c4689d0a28ed5280e495910d77b9f82621da1dd9b6cefd5ab37eca8e9ced027f9acbfa0f3f46114a97c5e4d3454110c4de1d4
SSDEEP

3072:b1dlKwgj23+Oz05YoNozDOpXgfRsoOnQbGbgHfmWyw:b1dlZro5yAIRsoOp8eRw

Score

10^/10

modiloader discovery trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

ea0c4dc00e4d02dc64724179ef8f7fd0_JaffaCakes118.exe

Resource

win7-20240903-en

modiloader discovery trojan

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral2

Sample

ea0c4dc00e4d02dc64724179ef8f7fd0_JaffaCakes118.exe

Resource

win10v2004-20240802-en

modiloader discovery trojan

windows10-2004-x64

11 signatures

150 seconds

Malware Config

Targets

- Target
  
  ea0c4dc00e4d02dc64724179ef8f7fd0_JaffaCakes118
- Size
  
  144KB
- MD5
  
  ea0c4dc00e4d02dc64724179ef8f7fd0
- SHA1
  
  527b92e6b316b34ee9e1fe70e643fc74ecbb04d5
- SHA256
  
  810b08134a3a1d41d3875945eefdf1b4956f5b9c45bc105c090cae18a44bd1f3
- SHA512
  
  a9f7f6aa0669a350959ed36c588c4689d0a28ed5280e495910d77b9f82621da1dd9b6cefd5ab37eca8e9ced027f9acbfa0f3f46114a97c5e4d3454110c4de1d4
- SSDEEP
  
  3072:b1dlKwgj23+Oz05YoNozDOpXgfRsoOnQbGbgHfmWyw:b1dlZro5yAIRsoOp8eRw
Score

10^/10

modiloader discovery trojan
- ModiLoader, DBatLoader
  ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
  trojan modiloader
- ModiLoader Second Stage
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

modiloaderdiscoverytrojan

behavioral2

modiloaderdiscoverytrojan

© 2018-2025

Terms | Privacy