Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

d00d3d6900...18.exe

windows7-x64

10

d00d3d6900...18.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    d00d3d6900250f09eb895dbd4a1fb07b_JaffaCakes118

  • Size

    668KB

  • Sample

    241207-b1n2ssvlal

  • MD5

    d00d3d6900250f09eb895dbd4a1fb07b

  • SHA1

    e19293bc9b619825a8d8069a5ce048fc36d7878f

  • SHA256

    26ff0e3156bc40836d21f34d99b3ec25e943c83c79dd198dbbf07272ed4ce35e

  • SHA512

    05b71b9dc43a4715442810b2aee6993210459c63b3486454f83aa3ee742c758a1cb48d818b79ea52e55479a968a59570c80c725af4e0e1c7bc4fa8ea2e54c09a

  • SSDEEP

    12288:APdRa/eAHYDS5IDrFVSSyX6axhh9Ms2F5e2F3Z4mxxSDqVTVOCV1:X/Z4oIDr3pB67T6PQmXpVTzV1

Score
10/10
modiloaderdiscoverytrojan

Malware Config

Targets

    • Target

      d00d3d6900250f09eb895dbd4a1fb07b_JaffaCakes118

    • Size

      668KB

    • MD5

      d00d3d6900250f09eb895dbd4a1fb07b

    • SHA1

      e19293bc9b619825a8d8069a5ce048fc36d7878f

    • SHA256

      26ff0e3156bc40836d21f34d99b3ec25e943c83c79dd198dbbf07272ed4ce35e

    • SHA512

      05b71b9dc43a4715442810b2aee6993210459c63b3486454f83aa3ee742c758a1cb48d818b79ea52e55479a968a59570c80c725af4e0e1c7bc4fa8ea2e54c09a

    • SSDEEP

      12288:APdRa/eAHYDS5IDrFVSSyX6axhh9Ms2F5e2F3Z4mxxSDqVTVOCV1:X/Z4oIDr3pB67T6PQmXpVTzV1

    Score
    10/10
    modiloaderdiscoverytrojan

    • ModiLoader, DBatLoader

      ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.

      trojanmodiloader

    • Modiloader family

      modiloader

    • ModiLoader Second Stage

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks