modiloader | f5b7777b5d2535e7f4517dc1c3396b27feffc1b20f35b3df0a98e6547829f27a | Triage

Submit
Reports

Overview

overview

Static

static

3

00b3dcdd7d...18.exe

windows7-x64

00b3dcdd7d...18.exe

windows10-2004-x64

Sharing

General

Target

00b3dcdd7d0a8d2af09a288e82370e76_JaffaCakes118
Size

46KB
Sample

240930-lsr4laycml
MD5

00b3dcdd7d0a8d2af09a288e82370e76
SHA1

b685f958e2e8b01d70e30acf232de97fe2d2298a
SHA256

f5b7777b5d2535e7f4517dc1c3396b27feffc1b20f35b3df0a98e6547829f27a
SHA512

dd58f305a10a24b5f8257cd455709456783f112b168c1d7116d76912a6d24cf74775c0b7a56e1551e65d0a2571aeaad162c0b00f0636ec719bc6d3747a924887
SSDEEP

768:jmP25dcqgFF89wsz5Ny9qF4OQF2qVLSgM7Ctxu1RU/sdlk7YIp2vdJXIeN0eMSs:jmP25o7sz549Sg22SgMmru1xuMRvAeNU

Score

10^/10

modiloader defense_evasion discovery trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

00b3dcdd7d0a8d2af09a288e82370e76_JaffaCakes118.exe

Resource

win7-20240903-en

modiloader defense_evasion discovery trojan

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

00b3dcdd7d0a8d2af09a288e82370e76_JaffaCakes118.exe

Resource

win10v2004-20240802-en

modiloader defense_evasion discovery trojan

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Targets

- Target
  
  00b3dcdd7d0a8d2af09a288e82370e76_JaffaCakes118
- Size
  
  46KB
- MD5
  
  00b3dcdd7d0a8d2af09a288e82370e76
- SHA1
  
  b685f958e2e8b01d70e30acf232de97fe2d2298a
- SHA256
  
  f5b7777b5d2535e7f4517dc1c3396b27feffc1b20f35b3df0a98e6547829f27a
- SHA512
  
  dd58f305a10a24b5f8257cd455709456783f112b168c1d7116d76912a6d24cf74775c0b7a56e1551e65d0a2571aeaad162c0b00f0636ec719bc6d3747a924887
- SSDEEP
  
  768:jmP25dcqgFF89wsz5Ny9qF4OQF2qVLSgM7Ctxu1RU/sdlk7YIp2vdJXIeN0eMSs:jmP25o7sz549Sg22SgMmru1xuMRvAeNU
Score

10^/10

modiloader defense_evasion discovery trojan
- ModiLoader, DBatLoader
  ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
  trojan modiloader
- ModiLoader Second Stage
- Deletes itself
- Indicator Removal: File Deletion
  Adversaries may delete files left behind by the actions of their intrusion activity.
  defense_evasion
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Indicator Removal

File Deletion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

modiloaderdefense_evasiondiscoverytrojan

behavioral2

modiloaderdefense_evasiondiscoverytrojan

© 2018-2025

Terms | Privacy