modiloader | f89af8b0c99b707f6d37d1734f2b9c8d0618fb33ce3f63624ca70667c9f249b1 | Triage

Submit
Reports

Overview

overview

Static

static

f406fd52cb...18.exe

windows7-x64

f406fd52cb...18.exe

windows10-2004-x64

Sharing

General

Target

f406fd52cb701867ec4fb7cc7b3093d4_JaffaCakes118
Size

1.4MB
Sample

241215-ps4n6swmbk
MD5

f406fd52cb701867ec4fb7cc7b3093d4
SHA1

fb71afe0f724d0365cbe37759a73f94d3cf287e4
SHA256

f89af8b0c99b707f6d37d1734f2b9c8d0618fb33ce3f63624ca70667c9f249b1
SHA512

2d162476cfb097d84ea0695ea7382645881812c9b2648e9acb48d3afb3bd98af95fdae6da7a3854633529b9fc7d1037868dfd0ec46df8b579834d6744bac971d
SSDEEP

24576:X4/PmqqaRs0ZdPmMEF7PqKqeF8T7T93lWS/5zE/2kbZCLj7T03+XX:XiPdRjZzgWT9osZE/2gWnTZXX

Score

10^/10

modiloader discovery evasion trojan

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

f406fd52cb701867ec4fb7cc7b3093d4_JaffaCakes118.exe

Resource

win7-20240708-en

modiloader discovery evasion trojan

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral2

Sample

f406fd52cb701867ec4fb7cc7b3093d4_JaffaCakes118.exe

Resource

win10v2004-20241007-en

modiloader discovery evasion trojan

windows10-2004-x64

10 signatures

150 seconds

Malware Config

Targets

- Target
  
  f406fd52cb701867ec4fb7cc7b3093d4_JaffaCakes118
- Size
  
  1.4MB
- MD5
  
  f406fd52cb701867ec4fb7cc7b3093d4
- SHA1
  
  fb71afe0f724d0365cbe37759a73f94d3cf287e4
- SHA256
  
  f89af8b0c99b707f6d37d1734f2b9c8d0618fb33ce3f63624ca70667c9f249b1
- SHA512
  
  2d162476cfb097d84ea0695ea7382645881812c9b2648e9acb48d3afb3bd98af95fdae6da7a3854633529b9fc7d1037868dfd0ec46df8b579834d6744bac971d
- SSDEEP
  
  24576:X4/PmqqaRs0ZdPmMEF7PqKqeF8T7T93lWS/5zE/2kbZCLj7T03+XX:XiPdRjZzgWT9osZE/2gWnTZXX
Score

10^/10

modiloader discovery evasion trojan
- ModiLoader, DBatLoader
  ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
  trojan modiloader
- Modiloader family
  modiloader
- ModiLoader Second Stage
- Disables Task Manager via registry modification
  evasion
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

modiloaderdiscoveryevasiontrojan

behavioral2

modiloaderdiscoveryevasiontrojan

© 2018-2025

Terms | Privacy