modiloader | e3312d93400a74c780d9b7229eaf0fa5c1d57861c300503f98405ae81bd3297a | Triage

Submit
Reports

Overview

overview

Static

static

aa61435baa...18.exe

windows7-x64

aa61435baa...18.exe

windows10-2004-x64

Sharing

General

Target

aa61435baa12d4470b7a9ce316e43164_JaffaCakes118
Size

319KB
Sample

241128-bckz8sykbt
MD5

aa61435baa12d4470b7a9ce316e43164
SHA1

129cb131c077e8c1599a4c599a9ab2d0ed53edf2
SHA256

e3312d93400a74c780d9b7229eaf0fa5c1d57861c300503f98405ae81bd3297a
SHA512

180625f00956a528b53a3a0e7931df59a35cc35d7afb2d169a15263efe4bbce4fc5b8d5a95a5552fce7f2cf3b8713fcaca194780eaf8d320dfa5ecc7d585e8c8
SSDEEP

6144:oG377xS2Vp2VpU5A4rwTBl53SpcCJJvHiazXOoSB2:zr7xS2VpmUmQwTwbJJvHLjOoSB

Score

10^/10

modiloader discovery evasion trojan upx

Static task

static1

4 signatures

Behavioral task

behavioral1

Sample

aa61435baa12d4470b7a9ce316e43164_JaffaCakes118.exe

Resource

win7-20240903-en

modiloader discovery evasion trojan upx

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral2

Sample

aa61435baa12d4470b7a9ce316e43164_JaffaCakes118.exe

Resource

win10v2004-20241007-en

modiloader discovery evasion trojan upx

windows10-2004-x64

11 signatures

150 seconds

Malware Config

Targets

- Target
  
  aa61435baa12d4470b7a9ce316e43164_JaffaCakes118
- Size
  
  319KB
- MD5
  
  aa61435baa12d4470b7a9ce316e43164
- SHA1
  
  129cb131c077e8c1599a4c599a9ab2d0ed53edf2
- SHA256
  
  e3312d93400a74c780d9b7229eaf0fa5c1d57861c300503f98405ae81bd3297a
- SHA512
  
  180625f00956a528b53a3a0e7931df59a35cc35d7afb2d169a15263efe4bbce4fc5b8d5a95a5552fce7f2cf3b8713fcaca194780eaf8d320dfa5ecc7d585e8c8
- SSDEEP
  
  6144:oG377xS2Vp2VpU5A4rwTBl53SpcCJJvHiazXOoSB2:zr7xS2VpmUmQwTwbJJvHLjOoSB
Score

10^/10

modiloader discovery evasion trojan upx
- ModiLoader, DBatLoader
  ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
  trojan modiloader
- Modiloader family
  modiloader
- UAC bypass
  evasion trojan
- ModiLoader Second Stage
- Loads dropped DLL
- Checks whether UAC is enabled
  evasion trojan
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Abuse Elevation Control Mechanism

Bypass User Account Control

Defense Evasion

Abuse Elevation Control Mechanism

Bypass User Account Control

Impair Defenses

Disable or Modify Tools

Modify Registry

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

modiloaderdiscoveryevasiontrojanupx

behavioral2

modiloaderdiscoveryevasiontrojanupx

© 2018-2025

Terms | Privacy