modiloader | 2c8ab9a3a01f8daf7ab202a00ca015230ef5c500c1f12edd19f5d47426b5b263 | Triage

Submit
Reports

Overview

overview

Static

static

3

ee64ef4352...18.exe

windows7-x64

ee64ef4352...18.exe

windows10-2004-x64

Sharing

General

Target

ee64ef4352c48c62fff1f2eaa569c088_JaffaCakes118
Size

213KB
Sample

240920-zkjzxaxdmj
MD5

ee64ef4352c48c62fff1f2eaa569c088
SHA1

e541f4056451318292df0a975f98e129e78fbd7b
SHA256

2c8ab9a3a01f8daf7ab202a00ca015230ef5c500c1f12edd19f5d47426b5b263
SHA512

b96481225bdc98e0d15806b476101fb46507ce7999711e8478362c1e43c5f37e0e19eddd052974c57a640d2d1e48b8fb9f9c7520d0d40ee8f67c1c8c56ff78e2
SSDEEP

3072:ymlRNnU+CsIcetvEe6pz9gaPD7nGcaoOj6gYxQ8I8Cue4/IjFKxpILA3ViMYA:vU+CsIcetvr8zaa7icaonguQ8G4da8R

Score

10^/10

modiloader discovery trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

ee64ef4352c48c62fff1f2eaa569c088_JaffaCakes118.exe

Resource

win7-20240903-en

modiloader discovery trojan

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

ee64ef4352c48c62fff1f2eaa569c088_JaffaCakes118.exe

Resource

win10v2004-20240802-en

modiloader discovery trojan

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  ee64ef4352c48c62fff1f2eaa569c088_JaffaCakes118
- Size
  
  213KB
- MD5
  
  ee64ef4352c48c62fff1f2eaa569c088
- SHA1
  
  e541f4056451318292df0a975f98e129e78fbd7b
- SHA256
  
  2c8ab9a3a01f8daf7ab202a00ca015230ef5c500c1f12edd19f5d47426b5b263
- SHA512
  
  b96481225bdc98e0d15806b476101fb46507ce7999711e8478362c1e43c5f37e0e19eddd052974c57a640d2d1e48b8fb9f9c7520d0d40ee8f67c1c8c56ff78e2
- SSDEEP
  
  3072:ymlRNnU+CsIcetvEe6pz9gaPD7nGcaoOj6gYxQ8I8Cue4/IjFKxpILA3ViMYA:vU+CsIcetvr8zaa7icaonguQ8G4da8R
Score

10^/10

modiloader discovery trojan
- ModiLoader, DBatLoader
  ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
  trojan modiloader
- ModiLoader Second Stage
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

modiloaderdiscoverytrojan

behavioral2

modiloaderdiscoverytrojan

© 2018-2025

Terms | Privacy