modiloader | 1648c32d086f9b4af712a6c8b3ab4c0eec2071d538e6002c403f99e4e26b4635 | Triage

Submit
Reports

Overview

overview

Static

static

3

17ead8e9d6...18.exe

windows7-x64

17ead8e9d6...18.exe

windows10-2004-x64

3

Sharing

General

Target

17ead8e9d6b2ac70a963a2bfe55b3eb3_JaffaCakes118
Size

512KB
Sample

240627-3clejsxglc
MD5

17ead8e9d6b2ac70a963a2bfe55b3eb3
SHA1

8d262a304a46c2a90f00ca2fe6b94c93d43efb70
SHA256

1648c32d086f9b4af712a6c8b3ab4c0eec2071d538e6002c403f99e4e26b4635
SHA512

aeb6bb0c4a4dfc9feed23a60c16cd9c182db6eb610d740813a3eed5c421167470caf98da933faffbae91a070d2c9492a50790fa9bc2b931da13726532bdb368f
SSDEEP

12288:Re96JkRrBzE4LZA3mGwUOOgRBWc3c/m3mGAL7OARBWLDa:Re9syzLaWMSn1zWDlnb

Score

10^/10

modiloader trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

17ead8e9d6b2ac70a963a2bfe55b3eb3_JaffaCakes118.exe

Resource

win7-20231129-en

modiloader trojan

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

17ead8e9d6b2ac70a963a2bfe55b3eb3_JaffaCakes118.exe

Resource

win10v2004-20240611-en

windows10-2004-x64

1 signatures

150 seconds

Malware Config

Targets

- Target
  
  17ead8e9d6b2ac70a963a2bfe55b3eb3_JaffaCakes118
- Size
  
  512KB
- MD5
  
  17ead8e9d6b2ac70a963a2bfe55b3eb3
- SHA1
  
  8d262a304a46c2a90f00ca2fe6b94c93d43efb70
- SHA256
  
  1648c32d086f9b4af712a6c8b3ab4c0eec2071d538e6002c403f99e4e26b4635
- SHA512
  
  aeb6bb0c4a4dfc9feed23a60c16cd9c182db6eb610d740813a3eed5c421167470caf98da933faffbae91a070d2c9492a50790fa9bc2b931da13726532bdb368f
- SSDEEP
  
  12288:Re96JkRrBzE4LZA3mGwUOOgRBWc3c/m3mGAL7OARBWLDa:Re9syzLaWMSn1zWDlnb
Score

10^/10

modiloader trojan
- ModiLoader, DBatLoader
  ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
  trojan modiloader
- ModiLoader Second Stage
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

modiloadertrojan

behavioral2

© 2018-2024

Terms | Privacy