modiloader | 565803163ca6ad0880f9ac664b2f023509004eb775c2e075bbc1e102da24e7ee | Triage

Submit
Reports

Overview

overview

Static

static

f2f3604c86...18.exe

windows7-x64

f2f3604c86...18.exe

windows10-2004-x64

Sharing

General

Target

f2f3604c8623735234aab5b707977fbc_JaffaCakes118
Size

796KB
Sample

240923-x1ec9aybqn
MD5

f2f3604c8623735234aab5b707977fbc
SHA1

abc87a78f4a49cc60fdf03e48a2213d6c2b45e8d
SHA256

565803163ca6ad0880f9ac664b2f023509004eb775c2e075bbc1e102da24e7ee
SHA512

d080fae25d2f08f8902da87ab31a059356145a1c9acddb8865f861ad98a5dd3b594d034a340a82a072dd078aec9747277ccff0b930a976d3710133184d20009f
SSDEEP

24576:HWUY31BRvxg+cx70F2/P8710EsHY4XO3bI:m1TZPFE8FsHTXr

Score

10^/10

modiloader discovery trojan

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

f2f3604c8623735234aab5b707977fbc_JaffaCakes118.exe

Resource

win7-20240903-en

modiloader discovery trojan

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

f2f3604c8623735234aab5b707977fbc_JaffaCakes118.exe

Resource

win10v2004-20240802-en

modiloader discovery trojan

windows10-2004-x64

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  f2f3604c8623735234aab5b707977fbc_JaffaCakes118
- Size
  
  796KB
- MD5
  
  f2f3604c8623735234aab5b707977fbc
- SHA1
  
  abc87a78f4a49cc60fdf03e48a2213d6c2b45e8d
- SHA256
  
  565803163ca6ad0880f9ac664b2f023509004eb775c2e075bbc1e102da24e7ee
- SHA512
  
  d080fae25d2f08f8902da87ab31a059356145a1c9acddb8865f861ad98a5dd3b594d034a340a82a072dd078aec9747277ccff0b930a976d3710133184d20009f
- SSDEEP
  
  24576:HWUY31BRvxg+cx70F2/P8710EsHY4XO3bI:m1TZPFE8FsHTXr
Score

10^/10

modiloader discovery trojan
- ModiLoader, DBatLoader
  ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
  trojan modiloader
- ModiLoader Second Stage
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

modiloaderdiscoverytrojan

behavioral2

modiloaderdiscoverytrojan

© 2018-2025

Terms | Privacy