modiloader | 370282e3a32b36f33d36b51fa714fa82a094891233c3095af72a0ee301bdaee7 | Triage

Submit
Reports

Overview

overview

Static

static

3

d771086169...18.exe

windows7-x64

d771086169...18.exe

windows10-2004-x64

Sharing

General

Target

d771086169826aa64c01a037c499fee2_JaffaCakes118
Size

83KB
Sample

241208-rgqdhswjdz
MD5

d771086169826aa64c01a037c499fee2
SHA1

09e0218055718f001b04160b60f8e5950c14022c
SHA256

370282e3a32b36f33d36b51fa714fa82a094891233c3095af72a0ee301bdaee7
SHA512

31473e619354229b70f668aa4c0ae99284416fbf08ae62ddb0603b43a2adbf34201e25210abfa735a03e04c38b3d86cd21dd764f33567a0c89c687d4d18abe21
SSDEEP

1536:WQSSJwFrk4VsRL/q3NkXVj2dqgvVEzRSUqlvmQu6Lyo5j:WQU16L/q3eVP2EzRl0yo5j

Score

10^/10

modiloader discovery persistence trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

d771086169826aa64c01a037c499fee2_JaffaCakes118.exe

Resource

win7-20240708-en

modiloader discovery persistence trojan

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral2

Sample

d771086169826aa64c01a037c499fee2_JaffaCakes118.exe

Resource

win10v2004-20241007-en

modiloader discovery persistence trojan

windows10-2004-x64

10 signatures

150 seconds

Malware Config

Targets

- Target
  
  d771086169826aa64c01a037c499fee2_JaffaCakes118
- Size
  
  83KB
- MD5
  
  d771086169826aa64c01a037c499fee2
- SHA1
  
  09e0218055718f001b04160b60f8e5950c14022c
- SHA256
  
  370282e3a32b36f33d36b51fa714fa82a094891233c3095af72a0ee301bdaee7
- SHA512
  
  31473e619354229b70f668aa4c0ae99284416fbf08ae62ddb0603b43a2adbf34201e25210abfa735a03e04c38b3d86cd21dd764f33567a0c89c687d4d18abe21
- SSDEEP
  
  1536:WQSSJwFrk4VsRL/q3NkXVj2dqgvVEzRSUqlvmQu6Lyo5j:WQU16L/q3eVP2EzRl0yo5j
Score

10^/10

modiloader discovery persistence trojan
- ModiLoader, DBatLoader
  ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
  trojan modiloader
- Modiloader family
  modiloader
- ModiLoader Second Stage
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

modiloaderdiscoverypersistencetrojan

behavioral2

modiloaderdiscoverypersistencetrojan

© 2018-2025

Terms | Privacy