modiloader | 40ba6de8c25ea41e85c4983e0517f35f7cb7127766a2b648bb7d31b0e7950808 | Triage

Submit
Reports

Overview

overview

Static

static

3

1d17ba51c5...18.exe

windows7-x64

3

1d17ba51c5...18.exe

windows10-2004-x64

Sharing

General

Target

1d17ba51c52b330f11082a5e39efc0ab_JaffaCakes118
Size

393KB
Sample

240702-aqp1nsyhjd
MD5

1d17ba51c52b330f11082a5e39efc0ab
SHA1

e77c312ff8e98451c8379a5d64c844540b2a1b2a
SHA256

40ba6de8c25ea41e85c4983e0517f35f7cb7127766a2b648bb7d31b0e7950808
SHA512

11840cccd74162a2c86dc39831cf3ce363ffcb1303bf1daecc0cff3256043d14cbdc3142910b34fd9933b0020ae0410397c75755c78fd77ec6828396df710de6
SSDEEP

12288:CdM+bqz9wg/WW4t07ei8Eh05EpFL0La+d:CdM+bqz9rW5+7ei81+ptu

Score

10^/10

modiloader trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

1d17ba51c52b330f11082a5e39efc0ab_JaffaCakes118.exe

Resource

win7-20240508-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral2

Sample

1d17ba51c52b330f11082a5e39efc0ab_JaffaCakes118.exe

Resource

win10v2004-20240508-en

modiloader trojan

windows10-2004-x64

4 signatures

150 seconds

Malware Config

Targets

- Target
  
  1d17ba51c52b330f11082a5e39efc0ab_JaffaCakes118
- Size
  
  393KB
- MD5
  
  1d17ba51c52b330f11082a5e39efc0ab
- SHA1
  
  e77c312ff8e98451c8379a5d64c844540b2a1b2a
- SHA256
  
  40ba6de8c25ea41e85c4983e0517f35f7cb7127766a2b648bb7d31b0e7950808
- SHA512
  
  11840cccd74162a2c86dc39831cf3ce363ffcb1303bf1daecc0cff3256043d14cbdc3142910b34fd9933b0020ae0410397c75755c78fd77ec6828396df710de6
- SSDEEP
  
  12288:CdM+bqz9wg/WW4t07ei8Eh05EpFL0La+d:CdM+bqz9rW5+7ei81+ptu
Score

10^/10

modiloader trojan
- ModiLoader, DBatLoader
  ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
  trojan modiloader
- ModiLoader Second Stage
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

modiloadertrojan

© 2018-2024

Terms | Privacy