modiloader | c5e34761f79c9564a707b1adb7888b854713e070474115fdf92640af12da53ca | Triage

Submit
Reports

Overview

overview

Static

static

03ddfc92fb...18.exe

windows7-x64

03ddfc92fb...18.exe

windows10-2004-x64

Sharing

General

Target

03ddfc92fb7eedac4f5a4ef89edea61d_JaffaCakes118
Size

75KB
Sample

241001-bndejaxgnd
MD5

03ddfc92fb7eedac4f5a4ef89edea61d
SHA1

553ea058705e3f38e8af33f769ff901f0c04f75d
SHA256

c5e34761f79c9564a707b1adb7888b854713e070474115fdf92640af12da53ca
SHA512

683a20d08057e1f7805c1f1aa803fe129abe8fec41f88ee6d9d0dfce821c14956b392dd37a22ddc456bb8be69c333d2067d2f88b444eae0a386a7a07e4ab1fd2
SSDEEP

1536:mlqDQT96FKJkeUd1XKS5yZ7P5gzD3+hkzDUqlvmQu6Lyo1:v2aCUdZrOgzCMc0yo1

Score

10^/10

modiloader discovery persistence trojan

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

03ddfc92fb7eedac4f5a4ef89edea61d_JaffaCakes118.exe

Resource

win7-20240903-en

modiloader discovery persistence trojan

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral2

Sample

03ddfc92fb7eedac4f5a4ef89edea61d_JaffaCakes118.exe

Resource

win10v2004-20240802-en

modiloader discovery persistence trojan

windows10-2004-x64

10 signatures

150 seconds

Malware Config

Targets

- Target
  
  03ddfc92fb7eedac4f5a4ef89edea61d_JaffaCakes118
- Size
  
  75KB
- MD5
  
  03ddfc92fb7eedac4f5a4ef89edea61d
- SHA1
  
  553ea058705e3f38e8af33f769ff901f0c04f75d
- SHA256
  
  c5e34761f79c9564a707b1adb7888b854713e070474115fdf92640af12da53ca
- SHA512
  
  683a20d08057e1f7805c1f1aa803fe129abe8fec41f88ee6d9d0dfce821c14956b392dd37a22ddc456bb8be69c333d2067d2f88b444eae0a386a7a07e4ab1fd2
- SSDEEP
  
  1536:mlqDQT96FKJkeUd1XKS5yZ7P5gzD3+hkzDUqlvmQu6Lyo1:v2aCUdZrOgzCMc0yo1
Score

10^/10

modiloader discovery persistence trojan
- ModiLoader, DBatLoader
  ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
  trojan modiloader
- ModiLoader Second Stage
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

modiloaderdiscoverypersistencetrojan

behavioral2

modiloaderdiscoverypersistencetrojan

© 2018-2025

Terms | Privacy