modiloader | 26e402c7ddc15fb8659a3ea0609d623c37462ad319732d6180fcb81e57c66b3a | Triage

Submit
Reports

Overview

overview

Static

static

3

1b12aa24e3...18.exe

windows7-x64

1b12aa24e3...18.exe

windows10-2004-x64

Sharing

General

Target

1b12aa24e3bd7cafeef537891d05c676_JaffaCakes118
Size

280KB
Sample

240701-nagags1fnq
MD5

1b12aa24e3bd7cafeef537891d05c676
SHA1

c9bccf9083d685cdebade0329501fa4e588670aa
SHA256

26e402c7ddc15fb8659a3ea0609d623c37462ad319732d6180fcb81e57c66b3a
SHA512

41b1848772e50e087b32b4a008502610ac0cf2611f218f2a2ed7672ab8933383629fc0b4f4f2d9d3d66993525dc152f479432d5ae2f1500265c6f847868a07a9
SSDEEP

6144:qV0XlxJnr+/ai2YUPFLZXrP3qKFiWyvUHi+TsS8YiK+IKVPDdjEwm:PXHVga/YOLZXrvdFiWyvUHioslY/piDE

Score

10^/10

modiloader trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

1b12aa24e3bd7cafeef537891d05c676_JaffaCakes118.exe

Resource

win7-20240611-en

modiloader trojan

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

1b12aa24e3bd7cafeef537891d05c676_JaffaCakes118.exe

Resource

win10v2004-20240611-en

modiloader trojan

windows10-2004-x64

11 signatures

150 seconds

Malware Config

Targets

- Target
  
  1b12aa24e3bd7cafeef537891d05c676_JaffaCakes118
- Size
  
  280KB
- MD5
  
  1b12aa24e3bd7cafeef537891d05c676
- SHA1
  
  c9bccf9083d685cdebade0329501fa4e588670aa
- SHA256
  
  26e402c7ddc15fb8659a3ea0609d623c37462ad319732d6180fcb81e57c66b3a
- SHA512
  
  41b1848772e50e087b32b4a008502610ac0cf2611f218f2a2ed7672ab8933383629fc0b4f4f2d9d3d66993525dc152f479432d5ae2f1500265c6f847868a07a9
- SSDEEP
  
  6144:qV0XlxJnr+/ai2YUPFLZXrP3qKFiWyvUHi+TsS8YiK+IKVPDdjEwm:PXHVga/YOLZXrvdFiWyvUHioslY/piDE
Score

10^/10

modiloader trojan
- ModiLoader, DBatLoader
  ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
  trojan modiloader
- ModiLoader Second Stage
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

modiloadertrojan

behavioral2

modiloadertrojan

© 2018-2024

Terms | Privacy