modiloader | 1fd55c8a7cb2c2fedf9355bf287f2c74cca66adb92fa5e6b5b1973ce790bcf3c | Triage

Submit
Reports

Overview

overview

Static

static

3

eaa01b9d63...18.exe

windows7-x64

eaa01b9d63...18.exe

windows10-2004-x64

Sharing

General

Target

eaa01b9d636573406e09ba88df1a1269_JaffaCakes118
Size

832KB
Sample

240919-fkf4gasckj
MD5

eaa01b9d636573406e09ba88df1a1269
SHA1

71edf1f5b36fdc2d6d8f0768a021dc3a9fda7abc
SHA256

1fd55c8a7cb2c2fedf9355bf287f2c74cca66adb92fa5e6b5b1973ce790bcf3c
SHA512

ccb9f057e634042a114d4259df4a632edf6f490f28bd663b73dbd673b4d6909a74a9d9f6e01a3ed6c8a6cb5484277deaeb9746481ade87b59a968c8b70b4ae68
SSDEEP

24576:Buc//////ilkVJirwzUn/dl//o7dQKIm0+hIcaIVXLPR5D:Buc//////jfzU/ddg7dR04IcfLZB

Score

10^/10

modiloader discovery trojan upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

eaa01b9d636573406e09ba88df1a1269_JaffaCakes118.exe

Resource

win7-20240903-en

modiloader discovery trojan upx

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

eaa01b9d636573406e09ba88df1a1269_JaffaCakes118.exe

Resource

win10v2004-20240802-en

modiloader discovery trojan upx

windows10-2004-x64

11 signatures

150 seconds

Malware Config

Targets

- Target
  
  eaa01b9d636573406e09ba88df1a1269_JaffaCakes118
- Size
  
  832KB
- MD5
  
  eaa01b9d636573406e09ba88df1a1269
- SHA1
  
  71edf1f5b36fdc2d6d8f0768a021dc3a9fda7abc
- SHA256
  
  1fd55c8a7cb2c2fedf9355bf287f2c74cca66adb92fa5e6b5b1973ce790bcf3c
- SHA512
  
  ccb9f057e634042a114d4259df4a632edf6f490f28bd663b73dbd673b4d6909a74a9d9f6e01a3ed6c8a6cb5484277deaeb9746481ade87b59a968c8b70b4ae68
- SSDEEP
  
  24576:Buc//////ilkVJirwzUn/dl//o7dQKIm0+hIcaIVXLPR5D:Buc//////jfzU/ddg7dR04IcfLZB
Score

10^/10

modiloader discovery trojan upx
- ModiLoader, DBatLoader
  ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
  trojan modiloader
- ModiLoader Second Stage
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

modiloaderdiscoverytrojanupx

behavioral2

modiloaderdiscoverytrojanupx

© 2018-2025

Terms | Privacy