modiloader | df1546c3d2ea202751066de728a81884d88a2f11c4f5ac7822f025d840e1326d | Triage

Submit
Reports

Overview

overview

Static

static

15f119296f...18.exe

windows7-x64

15f119296f...18.exe

windows10-2004-x64

Sharing

General

Target

15f119296f5a5d12c9450b627d6e4a85_JaffaCakes118
Size

71KB
Sample

240627-n9rv9szhkd
MD5

15f119296f5a5d12c9450b627d6e4a85
SHA1

6e0e373450fe65e628ca37b9c50d52daf8e7de14
SHA256

df1546c3d2ea202751066de728a81884d88a2f11c4f5ac7822f025d840e1326d
SHA512

66bb75b2dea3b127ea0284493116441b0c788dc5891e489dc8bbe9eeaac25b5f2020390e9fed4bde60fb57e33f74d85fea65fcfc9c1382b1c22aec97279b815e
SSDEEP

768:WJ55L9L8rJLCd9kIPkOgRyETC8EqRhttz8f/KSCquMH0GQuJIq5OpBl+OqJTo:I5L9LOaockRTSNCquMH0GQ2OpBl+R

Score

10^/10

modiloader trojan

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

15f119296f5a5d12c9450b627d6e4a85_JaffaCakes118.exe

Resource

win7-20240611-en

modiloader trojan

windows7-x64

17 signatures

150 seconds

Behavioral task

behavioral2

Sample

15f119296f5a5d12c9450b627d6e4a85_JaffaCakes118.exe

Resource

win10v2004-20240611-en

modiloader trojan

windows10-2004-x64

18 signatures

150 seconds

Malware Config

Targets

- Target
  
  15f119296f5a5d12c9450b627d6e4a85_JaffaCakes118
- Size
  
  71KB
- MD5
  
  15f119296f5a5d12c9450b627d6e4a85
- SHA1
  
  6e0e373450fe65e628ca37b9c50d52daf8e7de14
- SHA256
  
  df1546c3d2ea202751066de728a81884d88a2f11c4f5ac7822f025d840e1326d
- SHA512
  
  66bb75b2dea3b127ea0284493116441b0c788dc5891e489dc8bbe9eeaac25b5f2020390e9fed4bde60fb57e33f74d85fea65fcfc9c1382b1c22aec97279b815e
- SSDEEP
  
  768:WJ55L9L8rJLCd9kIPkOgRyETC8EqRhttz8f/KSCquMH0GQuJIq5OpBl+OqJTo:I5L9LOaockRTSNCquMH0GQ2OpBl+R
Score

10^/10

modiloader trojan
- ModiLoader, DBatLoader
  ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
  trojan modiloader
- ModiLoader Second Stage
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

modiloadertrojan

behavioral2

modiloadertrojan

© 2018-2024

Terms | Privacy