modiloader | 485a4b4fcb0f7f52c4f78daa2c93e3255552a576c8f25392f1b666df31332748 | Triage

Submit
Reports

Overview

overview

Static

static

3

f563f00b91...18.exe

windows7-x64

f563f00b91...18.exe

windows10-2004-x64

Sharing

General

Target

f563f00b91d1ef4525f378fd326f3afa_JaffaCakes118
Size

666KB
Sample

240925-g6adgssgpa
MD5

f563f00b91d1ef4525f378fd326f3afa
SHA1

0ec5d7ee5e4cd2ed8b878f676a9d0df59dad0868
SHA256

485a4b4fcb0f7f52c4f78daa2c93e3255552a576c8f25392f1b666df31332748
SHA512

bec36461db9cb7418a4b2ad3e3e987f1fe604ad7a517be8cbbce72698e8e71729900a8bd3989b7b965c6e772ccc596b6811cc9838d63b5d16dc770a7fe2b0214
SSDEEP

12288:BdRa/eAHYDS5IDrFVSSyX6axhh9Ms2CF3Z4mxxESi7hG2h98PB3m6u/iO:U/Z4oIDr3pB67TpQmXELG2ho6

Score

10^/10

modiloader discovery trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

f563f00b91d1ef4525f378fd326f3afa_JaffaCakes118.exe

Resource

win7-20240903-en

modiloader discovery trojan

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

f563f00b91d1ef4525f378fd326f3afa_JaffaCakes118.exe

Resource

win10v2004-20240802-en

modiloader discovery trojan

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Targets

- Target
  
  f563f00b91d1ef4525f378fd326f3afa_JaffaCakes118
- Size
  
  666KB
- MD5
  
  f563f00b91d1ef4525f378fd326f3afa
- SHA1
  
  0ec5d7ee5e4cd2ed8b878f676a9d0df59dad0868
- SHA256
  
  485a4b4fcb0f7f52c4f78daa2c93e3255552a576c8f25392f1b666df31332748
- SHA512
  
  bec36461db9cb7418a4b2ad3e3e987f1fe604ad7a517be8cbbce72698e8e71729900a8bd3989b7b965c6e772ccc596b6811cc9838d63b5d16dc770a7fe2b0214
- SSDEEP
  
  12288:BdRa/eAHYDS5IDrFVSSyX6axhh9Ms2CF3Z4mxxESi7hG2h98PB3m6u/iO:U/Z4oIDr3pB67TpQmXELG2ho6
Score

10^/10

modiloader discovery trojan
- ModiLoader, DBatLoader
  ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
  trojan modiloader
- ModiLoader Second Stage
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

modiloaderdiscoverytrojan

behavioral2

modiloaderdiscoverytrojan

© 2018-2025

Terms | Privacy