modiloader | 86f9db5c9f8414ca8f22bbf875e70914c832d800353159fde15e458c32520c52 | Triage

Submit
Reports

Overview

overview

Static

static

afe8bbef79...18.exe

windows7-x64

afe8bbef79...18.exe

windows10-2004-x64

Sharing

General

Target

afe8bbef79fe01712c2b222912fc0ec8_JaffaCakes118
Size

812KB
Sample

241129-jwypfazlbj
MD5

afe8bbef79fe01712c2b222912fc0ec8
SHA1

ba735e6136f9426f26b5389b4453daffff3cebbe
SHA256

86f9db5c9f8414ca8f22bbf875e70914c832d800353159fde15e458c32520c52
SHA512

1baad7683d653e9515422202a6d34a872c6d7a0e15cace2384c2f35118643fc9701c2ff98c1e997518bf71130d702397f7a81a3d537408aed9a2065b26652d43
SSDEEP

12288:fr7xS2Vp6RwTyCHbJJvHZKreJncWDUkayDm5OcALw2xkcHCpjYP0MeTPDFiqkkad:BS2Vp6RwTVJvHVSWDRDz50YQAmPDy1U6

Score

10^/10

modiloader discovery evasion trojan

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

afe8bbef79fe01712c2b222912fc0ec8_JaffaCakes118.exe

Resource

win7-20241023-en

modiloader discovery evasion trojan

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral2

Sample

afe8bbef79fe01712c2b222912fc0ec8_JaffaCakes118.exe

Resource

win10v2004-20241007-en

modiloader discovery evasion trojan

windows10-2004-x64

11 signatures

150 seconds

Malware Config

Targets

- Target
  
  afe8bbef79fe01712c2b222912fc0ec8_JaffaCakes118
- Size
  
  812KB
- MD5
  
  afe8bbef79fe01712c2b222912fc0ec8
- SHA1
  
  ba735e6136f9426f26b5389b4453daffff3cebbe
- SHA256
  
  86f9db5c9f8414ca8f22bbf875e70914c832d800353159fde15e458c32520c52
- SHA512
  
  1baad7683d653e9515422202a6d34a872c6d7a0e15cace2384c2f35118643fc9701c2ff98c1e997518bf71130d702397f7a81a3d537408aed9a2065b26652d43
- SSDEEP
  
  12288:fr7xS2Vp6RwTyCHbJJvHZKreJncWDUkayDm5OcALw2xkcHCpjYP0MeTPDFiqkkad:BS2Vp6RwTVJvHVSWDRDz50YQAmPDy1U6
Score

10^/10

modiloader discovery evasion trojan
- ModiLoader, DBatLoader
  ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
  trojan modiloader
- Modiloader family
  modiloader
- UAC bypass
  evasion trojan
- ModiLoader Second Stage
- Loads dropped DLL
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Abuse Elevation Control Mechanism

Bypass User Account Control

Defense Evasion

Abuse Elevation Control Mechanism

Bypass User Account Control

Impair Defenses

Disable or Modify Tools

Modify Registry

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

modiloaderdiscoveryevasiontrojan

behavioral2

modiloaderdiscoveryevasiontrojan

© 2018-2025

Terms | Privacy