modiloader | 647840b0c745bb5d9ef481038b6f45f2eda25f8483bbfea733fe7adac03c7455 | Triage

Submit
Reports

Overview

overview

Static

static

3

ed0d6dd066...18.exe

windows7-x64

ed0d6dd066...18.exe

windows10-2004-x64

7

Sharing

General

Target

ed0d6dd06661db39631a957f9ebd3c4c_JaffaCakes118
Size

188KB
Sample

240920-hmsldstdph
MD5

ed0d6dd06661db39631a957f9ebd3c4c
SHA1

e847c151d71e169cbf9f83c93a18bfe5f9c3a6d5
SHA256

647840b0c745bb5d9ef481038b6f45f2eda25f8483bbfea733fe7adac03c7455
SHA512

c6e1740a492d6ebcd99756504e4e452af8711f8aba2d080bcac2ee2e808540624538222eeff6e89086222df57e5f819b90501e15aceee3a898f505d93aa20d24
SSDEEP

3072:pmwFa2NYyJ30qzzhKL6AO00K563RXBXBbourVRPDyrt:phbDzs595chJBbourVRP

Score

10^/10

modiloader defense_evasion discovery trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

ed0d6dd06661db39631a957f9ebd3c4c_JaffaCakes118.exe

Resource

win7-20240903-en

modiloader discovery trojan

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

ed0d6dd06661db39631a957f9ebd3c4c_JaffaCakes118.exe

Resource

win10v2004-20240802-en

defense_evasion discovery

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Targets

- Target
  
  ed0d6dd06661db39631a957f9ebd3c4c_JaffaCakes118
- Size
  
  188KB
- MD5
  
  ed0d6dd06661db39631a957f9ebd3c4c
- SHA1
  
  e847c151d71e169cbf9f83c93a18bfe5f9c3a6d5
- SHA256
  
  647840b0c745bb5d9ef481038b6f45f2eda25f8483bbfea733fe7adac03c7455
- SHA512
  
  c6e1740a492d6ebcd99756504e4e452af8711f8aba2d080bcac2ee2e808540624538222eeff6e89086222df57e5f819b90501e15aceee3a898f505d93aa20d24
- SSDEEP
  
  3072:pmwFa2NYyJ30qzzhKL6AO00K563RXBXBbourVRPDyrt:phbDzs595chJBbourVRP
Score

10^/10

modiloader discovery trojan defense_evasion
- ModiLoader, DBatLoader
  ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
  trojan modiloader
- ModiLoader Second Stage
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Subvert Trust Controls

SIP and Trust Provider Hijacking

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

modiloaderdiscoverytrojan

behavioral2

defense_evasiondiscovery

© 2018-2025

Terms | Privacy