modiloader | dbb28aee935c3d2be57c794ed240418978731f5164d4279bc7e19ab81fd34ac8 | Triage

Submit
Reports

Overview

overview

Static

static

5

c90cb33d3d...18.exe

windows7-x64

c90cb33d3d...18.exe

windows10-2004-x64

Sharing

General

Target

c90cb33d3dc97cc0416a7156d52b7902_JaffaCakes118
Size

972KB
Sample

241205-xypq7strej
MD5

c90cb33d3dc97cc0416a7156d52b7902
SHA1

642e3691dd871ea2c356f020e69e3707f05f3394
SHA256

dbb28aee935c3d2be57c794ed240418978731f5164d4279bc7e19ab81fd34ac8
SHA512

688ecedb97bd7121a7ffa4053e18c73bce805db4ace25cabf549b7651960125116740ed82549847e9909a11e77746db0c2f724987cc1f3633280876b3eb1c4ed
SSDEEP

24576:h9kUGY07y2qdnHb04svgZCSz90N6ODbIQ6LzID+16AV:rk7n7y2qt704soZjz20ODbIQ0XkA

Score

10^/10

modiloader discovery trojan upx

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

c90cb33d3dc97cc0416a7156d52b7902_JaffaCakes118.exe

Resource

win7-20240903-en

modiloader discovery trojan upx

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral2

Sample

c90cb33d3dc97cc0416a7156d52b7902_JaffaCakes118.exe

Resource

win10v2004-20241007-en

modiloader discovery trojan upx

windows10-2004-x64

12 signatures

150 seconds

Malware Config

Targets

- Target
  
  c90cb33d3dc97cc0416a7156d52b7902_JaffaCakes118
- Size
  
  972KB
- MD5
  
  c90cb33d3dc97cc0416a7156d52b7902
- SHA1
  
  642e3691dd871ea2c356f020e69e3707f05f3394
- SHA256
  
  dbb28aee935c3d2be57c794ed240418978731f5164d4279bc7e19ab81fd34ac8
- SHA512
  
  688ecedb97bd7121a7ffa4053e18c73bce805db4ace25cabf549b7651960125116740ed82549847e9909a11e77746db0c2f724987cc1f3633280876b3eb1c4ed
- SSDEEP
  
  24576:h9kUGY07y2qdnHb04svgZCSz90N6ODbIQ6LzID+16AV:rk7n7y2qt704soZjz20ODbIQ0XkA
Score

10^/10

modiloader discovery trojan upx
- ModiLoader, DBatLoader
  ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
  trojan modiloader
- Modiloader family
  modiloader
- ModiLoader Second Stage
- Suspicious use of NtSetInformationThreadHideFromDebugger
- Suspicious use of SetThreadContext
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

modiloaderdiscoverytrojanupx

behavioral2

modiloaderdiscoverytrojanupx

© 2018-2025

Terms | Privacy