modiloader | ee6cfa9cd7f3f9fe0759ebacf8f5fe4d848e9097737ae69ed083bd68d615c894 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

1

2c8ca337d3...18.exe

windows7-x64

2c8ca337d3...18.exe

windows10-2004-x64

3

Sharing

General

Target

2c8ca337d3f57c127ce9fec4b8bde3d4_JaffaCakes118
Size

717KB
Sample

241009-hcl1vsygmq
MD5

2c8ca337d3f57c127ce9fec4b8bde3d4
SHA1

fbe37a0a779d5f009eec5d94edeee7a347ee1b28
SHA256

ee6cfa9cd7f3f9fe0759ebacf8f5fe4d848e9097737ae69ed083bd68d615c894
SHA512

66bff3a47c91e2df4091e592675afcdb223a8e2006a03d143e0c58ae2276b6ab754d6430ce3d22622ac52597035a028794e3723287f4631f828bed418bafd2a1
SSDEEP

12288:+c//////K4x2hhiyL0WYlTJPqFLTb6oIxSs6tnPnMZ8/ilgLZapFgDg9tKK2xumQ:+c//////K84L0WY5RSLTWoIx5+nfYVKU

Score

10^/10

modiloader discovery trojan

Static task

static1

Behavioral task

behavioral1

Sample

2c8ca337d3f57c127ce9fec4b8bde3d4_JaffaCakes118.exe

Resource

win7-20240903-en

modiloader discovery trojan

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

2c8ca337d3f57c127ce9fec4b8bde3d4_JaffaCakes118.exe

Resource

win10v2004-20241007-en

windows10-2004-x64

2 signatures

150 seconds

Malware Config

Targets

- Target
  
  2c8ca337d3f57c127ce9fec4b8bde3d4_JaffaCakes118
- Size
  
  717KB
- MD5
  
  2c8ca337d3f57c127ce9fec4b8bde3d4
- SHA1
  
  fbe37a0a779d5f009eec5d94edeee7a347ee1b28
- SHA256
  
  ee6cfa9cd7f3f9fe0759ebacf8f5fe4d848e9097737ae69ed083bd68d615c894
- SHA512
  
  66bff3a47c91e2df4091e592675afcdb223a8e2006a03d143e0c58ae2276b6ab754d6430ce3d22622ac52597035a028794e3723287f4631f828bed418bafd2a1
- SSDEEP
  
  12288:+c//////K4x2hhiyL0WYlTJPqFLTb6oIxSs6tnPnMZ8/ilgLZapFgDg9tKK2xumQ:+c//////K84L0WY5RSLTWoIx5+nfYVKU
Score

10^/10

modiloader discovery trojan
- ModiLoader, DBatLoader
  ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
  trojan modiloader
- ModiLoader Second Stage
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

modiloaderdiscoverytrojan

behavioral2

© 2018-2025

Terms | Privacy