modiloader | 057dc97ce28997ca55b14fc270770772f26c23a83479759c4ee300b84be12ed1

Analysis

max time kernel
120s
max time network
121s
platform
windows7_x64
resource
win7-20240704-en
resource tags

arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
submitted
31/08/2024, 22:39

Target

cdbb234da9468313385669b8e09b03bc_JaffaCakes118.exe
Size

16KB
MD5

cdbb234da9468313385669b8e09b03bc
SHA1

85f34774fc997be266cb16f702a59d4ec85caa02
SHA256

057dc97ce28997ca55b14fc270770772f26c23a83479759c4ee300b84be12ed1
SHA512

4a3636678eab2afabb86accfe41ae61dbbefecee40ca0c698d0276d56365e8cc0d96155763665840142825f868d14ed2175c5d63c46783d9708c44028213a227
SSDEEP

192:nUx6KMgpK3RFLTwAYsOKLkHGZ2vC+ANZ+bT2jxD53tcZTnAEZ+fKXi5:+Mgo3RFH3HLsuZRxD59cBAE4ii5

Score

10^/10

modiloader trojan

ModiLoader, DBatLoader
ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
trojan modiloader

ModiLoader Second Stage 1 IoCs

resource	yara_rule
behavioral1/memory/1704-0-0x0000000010000000-0x000000001000B000-memory.dmp	modiloader_stage2

C:\Users\Admin\AppData\Local\Temp\cdbb234da9468313385669b8e09b03bc_JaffaCakes118.exe
"C:\Users\Admin\AppData\Local\Temp\cdbb234da9468313385669b8e09b03bc_JaffaCakes118.exe"
1⤵
PID:1704

memory/1704-0-0x0000000010000000-0x000000001000B000-memory.dmp

Filesize
44KB

Download