modiloader | 23ee628201a6572eef21e88cd3a6b99b016b6b10e61f55c9eb57928f7dde9e14 | Triage

Submit
Reports

Overview

overview

Static

static

f094a3b022...18.exe

windows7-x64

f094a3b022...18.exe

windows10-2004-x64

Sharing

General

Target

f094a3b0221453cb41535ce4912377c8_JaffaCakes118
Size

413KB
Sample

240921-zjyfxasfph
MD5

f094a3b0221453cb41535ce4912377c8
SHA1

cd2eaf02d63695379d775fef3f3e80e14a6ffdc6
SHA256

23ee628201a6572eef21e88cd3a6b99b016b6b10e61f55c9eb57928f7dde9e14
SHA512

111c25f2b72657f7e38fc28dababb8d275ff169e8a59d68981a64e2f0c3198250b1deaf3dc6e5b6e053debe5d4606639b54560d471012e0af863301d6a0ac503
SSDEEP

6144:e8t57QciskQbmfX0P9rdhdurPHP2OuptvAbfg/RLMmIy8x9qLtsXtdbeDziZlJ8O:vzkfI4ebPk4/Zz8xELtsveDz2lJF4k

Score

10^/10

modiloader discovery trojan upx

Static task

static1

4 signatures

Behavioral task

behavioral1

Sample

f094a3b0221453cb41535ce4912377c8_JaffaCakes118.exe

Resource

win7-20240903-en

modiloader discovery trojan upx

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

f094a3b0221453cb41535ce4912377c8_JaffaCakes118.exe

Resource

win10v2004-20240802-en

modiloader discovery trojan upx

windows10-2004-x64

10 signatures

150 seconds

Malware Config

Targets

- Target
  
  f094a3b0221453cb41535ce4912377c8_JaffaCakes118
- Size
  
  413KB
- MD5
  
  f094a3b0221453cb41535ce4912377c8
- SHA1
  
  cd2eaf02d63695379d775fef3f3e80e14a6ffdc6
- SHA256
  
  23ee628201a6572eef21e88cd3a6b99b016b6b10e61f55c9eb57928f7dde9e14
- SHA512
  
  111c25f2b72657f7e38fc28dababb8d275ff169e8a59d68981a64e2f0c3198250b1deaf3dc6e5b6e053debe5d4606639b54560d471012e0af863301d6a0ac503
- SSDEEP
  
  6144:e8t57QciskQbmfX0P9rdhdurPHP2OuptvAbfg/RLMmIy8x9qLtsXtdbeDziZlJ8O:vzkfI4ebPk4/Zz8xELtsveDz2lJF4k
Score

10^/10

modiloader discovery trojan upx
- ModiLoader, DBatLoader
  ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
  trojan modiloader
- ModiLoader Second Stage
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

modiloaderdiscoverytrojanupx

behavioral2

modiloaderdiscoverytrojanupx

© 2018-2025

Terms | Privacy