modiloader | e8e3de92a6950b07beef477488c7b9b2014cbc729381dd9fabcb50775d005c8c | Triage

Submit
Reports

Overview

overview

Static

static

fc58c73a6f...18.exe

windows7-x64

fc58c73a6f...18.exe

windows10-2004-x64

Sharing

General

Target

fc58c73a6f33b76e3fb197a2f57344d1_JaffaCakes118
Size

871KB
Sample

240928-p585eszble
MD5

fc58c73a6f33b76e3fb197a2f57344d1
SHA1

a6fdb52ca691d699ee9d431c30fc327a7364c14b
SHA256

e8e3de92a6950b07beef477488c7b9b2014cbc729381dd9fabcb50775d005c8c
SHA512

fbaac88bd289425bdc5672236ddba0435d0986dd2686b655df8554b33922e974a73027b08b5c75be495b39bcd30d67ca198952c1ef85ae1e87ae749e5cd5cf6e
SSDEEP

12288:PCnrin3t/UCdwfTnbJO1DMopqQMUsS39d9kRDuwKqSFNroyV/oRpML0:qnrind/U4vqQ+S39daRDuUS/mpML

Score

10^/10

modiloader discovery persistence trojan

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

fc58c73a6f33b76e3fb197a2f57344d1_JaffaCakes118.exe

Resource

win7-20240708-en

modiloader discovery persistence trojan

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

fc58c73a6f33b76e3fb197a2f57344d1_JaffaCakes118.exe

Resource

win10v2004-20240802-en

modiloader discovery persistence trojan

windows10-2004-x64

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  fc58c73a6f33b76e3fb197a2f57344d1_JaffaCakes118
- Size
  
  871KB
- MD5
  
  fc58c73a6f33b76e3fb197a2f57344d1
- SHA1
  
  a6fdb52ca691d699ee9d431c30fc327a7364c14b
- SHA256
  
  e8e3de92a6950b07beef477488c7b9b2014cbc729381dd9fabcb50775d005c8c
- SHA512
  
  fbaac88bd289425bdc5672236ddba0435d0986dd2686b655df8554b33922e974a73027b08b5c75be495b39bcd30d67ca198952c1ef85ae1e87ae749e5cd5cf6e
- SSDEEP
  
  12288:PCnrin3t/UCdwfTnbJO1DMopqQMUsS39d9kRDuwKqSFNroyV/oRpML0:qnrind/U4vqQ+S39daRDuUS/mpML
Score

10^/10

modiloader discovery persistence trojan
- ModiLoader, DBatLoader
  ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
  trojan modiloader
- ModiLoader Second Stage
- Executes dropped EXE
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

modiloaderdiscoverypersistencetrojan

behavioral2

modiloaderdiscoverypersistencetrojan

© 2018-2025

Terms | Privacy