modiloader | 187f3851be60bdeb134a1be8fe837081a5409401e7487cadc50b01c14dd597c4 | Triage

Submit
Reports

Overview

overview

Static

static

3

ef90757197...18.exe

windows7-x64

ef90757197...18.exe

windows10-2004-x64

Sharing

General

Target

ef90757197aedda4896c7beb6ded1ee9_JaffaCakes118
Size

582KB
Sample

240921-l54cdswgqc
MD5

ef90757197aedda4896c7beb6ded1ee9
SHA1

6124811788c222296f4ccb9449913a8e55349203
SHA256

187f3851be60bdeb134a1be8fe837081a5409401e7487cadc50b01c14dd597c4
SHA512

1f1222a41acd8eec1bd01ee31b13f80cd37f7091dd1beed02cfc51d2a83905b0e94224e4101512508d6de65ca8363443a974e6bb97b8d8c190cfd45ee6de52bc
SSDEEP

12288:XTo+8Bz1obCOGM7CDg8LzMT2+wg9F3Z4mxxA3LxWL0y087KUOWMf:XTzEogjAVwg9QmXAUIJ/UOtf

Score

10^/10

modiloader discovery trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

ef90757197aedda4896c7beb6ded1ee9_JaffaCakes118.exe

Resource

win7-20240903-en

modiloader discovery trojan

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral2

Sample

ef90757197aedda4896c7beb6ded1ee9_JaffaCakes118.exe

Resource

win10v2004-20240802-en

modiloader discovery trojan

windows10-2004-x64

10 signatures

150 seconds

Malware Config

Targets

- Target
  
  ef90757197aedda4896c7beb6ded1ee9_JaffaCakes118
- Size
  
  582KB
- MD5
  
  ef90757197aedda4896c7beb6ded1ee9
- SHA1
  
  6124811788c222296f4ccb9449913a8e55349203
- SHA256
  
  187f3851be60bdeb134a1be8fe837081a5409401e7487cadc50b01c14dd597c4
- SHA512
  
  1f1222a41acd8eec1bd01ee31b13f80cd37f7091dd1beed02cfc51d2a83905b0e94224e4101512508d6de65ca8363443a974e6bb97b8d8c190cfd45ee6de52bc
- SSDEEP
  
  12288:XTo+8Bz1obCOGM7CDg8LzMT2+wg9F3Z4mxxA3LxWL0y087KUOWMf:XTzEogjAVwg9QmXAUIJ/UOtf
Score

10^/10

modiloader discovery trojan
- ModiLoader, DBatLoader
  ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
  trojan modiloader
- ModiLoader Second Stage
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

modiloaderdiscoverytrojan

behavioral2

modiloaderdiscoverytrojan

© 2018-2025

Terms | Privacy