modiloader | 6f7e87de08d651dabc4b85a9ad2257e4e2b2d564bc61f74b3e65bb24b678145d | Triage

Submit
Reports

Overview

overview

Static

static

868ecee5c3...18.exe

windows7-x64

868ecee5c3...18.exe

windows10-2004-x64

Sharing

General

Target

868ecee5c3640e1af4a4522cceb4bbc0_JaffaCakes118
Size

286KB
Sample

241102-vlc6jazene
MD5

868ecee5c3640e1af4a4522cceb4bbc0
SHA1

4ae090e8036dc7ea46f0cfd7f3a7324181147748
SHA256

6f7e87de08d651dabc4b85a9ad2257e4e2b2d564bc61f74b3e65bb24b678145d
SHA512

f02c1b6b53f27229c131dd346bc9c357e42790c61804e705552dfcef8271ffa5b8c69fb29b6d3436ec04e66c1c0defe7561985055e15e704b2ca3e734499ec5c
SSDEEP

6144:vhCfU2BUGpN1yv5V+/JJNPnlJZe2jLrTVBSx:vhTuyv5VoRZfRB

Score

10^/10

modiloader discovery trojan

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

868ecee5c3640e1af4a4522cceb4bbc0_JaffaCakes118.exe

Resource

win7-20240903-en

modiloader discovery trojan

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

868ecee5c3640e1af4a4522cceb4bbc0_JaffaCakes118.exe

Resource

win10v2004-20241007-en

modiloader discovery trojan

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Targets

- Target
  
  868ecee5c3640e1af4a4522cceb4bbc0_JaffaCakes118
- Size
  
  286KB
- MD5
  
  868ecee5c3640e1af4a4522cceb4bbc0
- SHA1
  
  4ae090e8036dc7ea46f0cfd7f3a7324181147748
- SHA256
  
  6f7e87de08d651dabc4b85a9ad2257e4e2b2d564bc61f74b3e65bb24b678145d
- SHA512
  
  f02c1b6b53f27229c131dd346bc9c357e42790c61804e705552dfcef8271ffa5b8c69fb29b6d3436ec04e66c1c0defe7561985055e15e704b2ca3e734499ec5c
- SSDEEP
  
  6144:vhCfU2BUGpN1yv5V+/JJNPnlJZe2jLrTVBSx:vhTuyv5VoRZfRB
Score

10^/10

modiloader discovery trojan
- ModiLoader, DBatLoader
  ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
  trojan modiloader
- Modiloader family
  modiloader
- ModiLoader Second Stage
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

modiloaderdiscoverytrojan

behavioral2

modiloaderdiscoverytrojan

© 2018-2024

Terms | Privacy