modiloader | fbcd13416ab02b4de7063249c5348f14956a69728dd92d21ff7ccfde441696b7 | Triage

Sharing

General

Target

JaffaCakes118_068b3257f6dab923432381cdd158833e
Size

114KB
Sample

250121-wxghrswraq
MD5

068b3257f6dab923432381cdd158833e
SHA1

f207687c676a8a40d7986d5b6205de0cea48a24a
SHA256

fbcd13416ab02b4de7063249c5348f14956a69728dd92d21ff7ccfde441696b7
SHA512

174af27b32963a2c01ad79a5a30f62da914b2caaa3648f5dfe25e7ae512272997db52ef318d1b41ba1a564ab287a40ae133e48daab797449ba02e5618b3f38d0
SSDEEP

3072:noHGC9/kMv09kDN9xlNiukJWncvDrWAw75yZ:nMt9/kMv0GDN/liWOWx0

Score

10^/10

modiloader adware defense_evasion discovery stealer trojan

Malware Config

Targets

- Target
  
  JaffaCakes118_068b3257f6dab923432381cdd158833e
- Size
  
  114KB
- MD5
  
  068b3257f6dab923432381cdd158833e
- SHA1
  
  f207687c676a8a40d7986d5b6205de0cea48a24a
- SHA256
  
  fbcd13416ab02b4de7063249c5348f14956a69728dd92d21ff7ccfde441696b7
- SHA512
  
  174af27b32963a2c01ad79a5a30f62da914b2caaa3648f5dfe25e7ae512272997db52ef318d1b41ba1a564ab287a40ae133e48daab797449ba02e5618b3f38d0
- SSDEEP
  
  3072:noHGC9/kMv09kDN9xlNiukJWncvDrWAw75yZ:nMt9/kMv0GDN/liWOWx0
Score

10^/10

modiloader adware defense_evasion discovery stealer trojan
- ModiLoader, DBatLoader
  ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
  trojan modiloader
- Modifies firewall policy service
  defense_evasion
- Modiloader family
  modiloader
- ModiLoader Second Stage
- Installs/modifies Browser Helper Object
  BHOs are DLL modules which act as plugins for Internet Explorer.
  stealer adware
- Drops file in System32 directory
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Browser Extensions

Create or Modify System Process

Windows Service

Privilege Escalation

Create or Modify System Process

Windows Service

Defense Evasion

Impair Defenses

Disable or Modify System Firewall

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

modiloaderadwaredefense_evasiondiscoverystealertrojan

behavioral2

modiloaderadwaredefense_evasiondiscoverystealertrojan