modiloader | 6fdc9369308c02ae8900195c9cf35ba5fe9bbc413528d120d89b58565a570ca4

General

Target

840811766424aee4f30e965b0ff4a28b_JaffaCakes118
Size

1.3MB
Sample

241101-ev99maxarn
MD5

840811766424aee4f30e965b0ff4a28b
SHA1

0ffc079a42ef83228806e1893c879994719ef1f0
SHA256

6fdc9369308c02ae8900195c9cf35ba5fe9bbc413528d120d89b58565a570ca4
SHA512

7ff9a2df5e78b09e39135553e469aa0f100ad56971cfd65931e93f3e9f78565bc3ada1e681bf3aaa51f0be507bad242bcf161dc98c3cd0dac54b619ac7803996
SSDEEP

24576:RnGl2Ag90Odj2sz4CoU1TO/5xwZYZ4rXZnpubKVLbuQFVXt75pnBqJehQBvAG0D:AY79fECoU1TE5NuXZ4bKVLD55p8JeaBC

Score

10^/10

Malware Config

Targets

- Target
  
  840811766424aee4f30e965b0ff4a28b_JaffaCakes118
- Size
  
  1.3MB
- MD5
  
  840811766424aee4f30e965b0ff4a28b
- SHA1
  
  0ffc079a42ef83228806e1893c879994719ef1f0
- SHA256
  
  6fdc9369308c02ae8900195c9cf35ba5fe9bbc413528d120d89b58565a570ca4
- SHA512
  
  7ff9a2df5e78b09e39135553e469aa0f100ad56971cfd65931e93f3e9f78565bc3ada1e681bf3aaa51f0be507bad242bcf161dc98c3cd0dac54b619ac7803996
- SSDEEP
  
  24576:RnGl2Ag90Odj2sz4CoU1TO/5xwZYZ4rXZnpubKVLbuQFVXt75pnBqJehQBvAG0D:AY79fECoU1TE5NuXZ4bKVLD55p8JeaBC
Score

10^/10

modiloader discovery evasion themida trojan
- ModiLoader, DBatLoader
  ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
  trojan modiloader
- Modiloader family
  modiloader
- ModiLoader Second Stage
- Themida packer
  Detects Themida, an advanced Windows software protection system.
  themida
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1

T1112

Credential Access

Discovery

System Information Discovery

1

T1082

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

ModiLoader, DBatLoader

Modiloader family

ModiLoader Second Stage

Themida packer

Checks whether UAC is enabled

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2