modiloader | 395f5ee80eda7b4148db8245bc9c0a123c96de90f91e8a4a970be8d55fb83121 | Triage

Submit
Reports

Overview

overview

Static

static

943b49cf73...18.exe

windows7-x64

943b49cf73...18.exe

windows10-2004-x64

Sharing

General

Target

943b49cf7329c4ea93379adee7b32eef_JaffaCakes118
Size

828KB
Sample

241124-m3zrvssndn
MD5

943b49cf7329c4ea93379adee7b32eef
SHA1

837da6b02809c559b8d120d92b8271afe176ac63
SHA256

395f5ee80eda7b4148db8245bc9c0a123c96de90f91e8a4a970be8d55fb83121
SHA512

1a6633c7e749d4e85e39313569faa565d27ecb737d8ccbac63eb2e9f17020475ca12d1caa02794d4f8b0c2fb270e83c214ddef7c4f9102f456ec0613cd618512
SSDEEP

12288:Q7o6l8Y5f6aRKo1MY+D7BPvy6/m73IC5k4ziubk:Q7oHyKo1h+pSP73I+k4ziubk

Score

10^/10

modiloader bootkit discovery persistence trojan

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

943b49cf7329c4ea93379adee7b32eef_JaffaCakes118.exe

Resource

win7-20240729-en

modiloader bootkit discovery persistence trojan

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

943b49cf7329c4ea93379adee7b32eef_JaffaCakes118.exe

Resource

win10v2004-20241007-en

modiloader bootkit discovery persistence trojan

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  943b49cf7329c4ea93379adee7b32eef_JaffaCakes118
- Size
  
  828KB
- MD5
  
  943b49cf7329c4ea93379adee7b32eef
- SHA1
  
  837da6b02809c559b8d120d92b8271afe176ac63
- SHA256
  
  395f5ee80eda7b4148db8245bc9c0a123c96de90f91e8a4a970be8d55fb83121
- SHA512
  
  1a6633c7e749d4e85e39313569faa565d27ecb737d8ccbac63eb2e9f17020475ca12d1caa02794d4f8b0c2fb270e83c214ddef7c4f9102f456ec0613cd618512
- SSDEEP
  
  12288:Q7o6l8Y5f6aRKo1MY+D7BPvy6/m73IC5k4ziubk:Q7oHyKo1h+pSP73I+k4ziubk
Score

10^/10

modiloader bootkit discovery persistence trojan
- ModiLoader, DBatLoader
  ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
  trojan modiloader
- Modiloader family
  modiloader
- ModiLoader Second Stage
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Pre-OS Boot

Bootkit

Privilege Escalation

Defense Evasion

Pre-OS Boot

Bootkit

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

modiloaderbootkitdiscoverypersistencetrojan

behavioral2

modiloaderbootkitdiscoverypersistencetrojan

© 2018-2025

Terms | Privacy