modiloader | e0412214ce67433f44e4e5e62ea81b0672ad535e4ed91f8ee4c1a3d82a48d79e | Triage

Submit
Reports

Overview

overview

Static

static

3

d01c179149...18.exe

windows7-x64

d01c179149...18.exe

windows10-2004-x64

7

Sharing

General

Target

d01c1791496b85dc15c40e8ee442a49e_JaffaCakes118
Size

1.8MB
Sample

241207-b96yzayrfv
MD5

d01c1791496b85dc15c40e8ee442a49e
SHA1

f68e7ea602d9618f8796f5b1c031f0db4de3376e
SHA256

e0412214ce67433f44e4e5e62ea81b0672ad535e4ed91f8ee4c1a3d82a48d79e
SHA512

2194d29fa256878e673290074ac6a3df98446abd306d98fef9020edc03e9f533032a02891ef612e0f2009a06cc3864dbeb42be4564f3ca3344479aee731ce207
SSDEEP

49152:zqEM6l7Oh7rfoSP/n4Tr3cEpmXK8mHRMMMvMMM3:Gt6l7IYSnnCyK8mxMMMvMMM3

Score

10^/10

modiloader discovery trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

d01c1791496b85dc15c40e8ee442a49e_JaffaCakes118.exe

Resource

win7-20240708-en

modiloader discovery trojan

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral2

Sample

d01c1791496b85dc15c40e8ee442a49e_JaffaCakes118.exe

Resource

win10v2004-20241007-en

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  d01c1791496b85dc15c40e8ee442a49e_JaffaCakes118
- Size
  
  1.8MB
- MD5
  
  d01c1791496b85dc15c40e8ee442a49e
- SHA1
  
  f68e7ea602d9618f8796f5b1c031f0db4de3376e
- SHA256
  
  e0412214ce67433f44e4e5e62ea81b0672ad535e4ed91f8ee4c1a3d82a48d79e
- SHA512
  
  2194d29fa256878e673290074ac6a3df98446abd306d98fef9020edc03e9f533032a02891ef612e0f2009a06cc3864dbeb42be4564f3ca3344479aee731ce207
- SSDEEP
  
  49152:zqEM6l7Oh7rfoSP/n4Tr3cEpmXK8mHRMMMvMMM3:Gt6l7IYSnnCyK8mxMMMvMMM3
Score

10^/10

modiloader discovery trojan
- ModiLoader, DBatLoader
  ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
  trojan modiloader
- Modiloader family
  modiloader
- ModiLoader Second Stage
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

modiloaderdiscoverytrojan

behavioral2

© 2018-2025

Terms | Privacy