modiloader | 4da42fbe8de5462662d0fd02c95dd197a23da66624e4db904743c1c36fb056b1 | Triage

Submit
Reports

Overview

overview

Static

static

3

436c1b5b33...18.exe

windows7-x64

1

436c1b5b33...18.exe

windows10-2004-x64

Sharing

General

Target

436c1b5b33fa01cd6d0ed5edb26e994e_JaffaCakes118
Size

478KB
Sample

240713-1drxlszgmb
MD5

436c1b5b33fa01cd6d0ed5edb26e994e
SHA1

5f1c1ef4c2a96e0100d4013ec375e821e89de5c7
SHA256

4da42fbe8de5462662d0fd02c95dd197a23da66624e4db904743c1c36fb056b1
SHA512

0d660ee0e891e8c7728bb17ac5ec5f7164839794145b28767aebe8457968431e9fea4081f59c9a578dc9df94a3fd6f98eafa641382e95a6d99ce5dc0e6ae5032
SSDEEP

12288:574XneM7Y9qiH1FtUsAjGwvUg7pA2lVmUk:574OM7Y9qk1EsqG+U4pblS

Score

10^/10

modiloader trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

436c1b5b33fa01cd6d0ed5edb26e994e_JaffaCakes118.exe

Resource

win7-20240704-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

436c1b5b33fa01cd6d0ed5edb26e994e_JaffaCakes118.exe

Resource

win10v2004-20240709-en

modiloader trojan

windows10-2004-x64

4 signatures

150 seconds

Malware Config

Targets

- Target
  
  436c1b5b33fa01cd6d0ed5edb26e994e_JaffaCakes118
- Size
  
  478KB
- MD5
  
  436c1b5b33fa01cd6d0ed5edb26e994e
- SHA1
  
  5f1c1ef4c2a96e0100d4013ec375e821e89de5c7
- SHA256
  
  4da42fbe8de5462662d0fd02c95dd197a23da66624e4db904743c1c36fb056b1
- SHA512
  
  0d660ee0e891e8c7728bb17ac5ec5f7164839794145b28767aebe8457968431e9fea4081f59c9a578dc9df94a3fd6f98eafa641382e95a6d99ce5dc0e6ae5032
- SSDEEP
  
  12288:574XneM7Y9qiH1FtUsAjGwvUg7pA2lVmUk:574OM7Y9qk1EsqG+U4pblS
Score

10^/10

modiloader trojan
- ModiLoader, DBatLoader
  ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
  trojan modiloader
- ModiLoader Second Stage
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

modiloadertrojan

© 2018-2024

Terms | Privacy