modiloader | daf9f747eac23f8b788d4a1a94d98b74c4a790c5d67a9339894a5fdd0c3f347f | Triage

Submit
Reports

Overview

overview

Static

static

3

1df7fafc0f...18.exe

windows7-x64

1

1df7fafc0f...18.exe

windows10-2004-x64

Sharing

General

Target

1df7fafc0f08a4e41f69e60b38017f6f_JaffaCakes118
Size

466KB
Sample

240702-evh55svfnh
MD5

1df7fafc0f08a4e41f69e60b38017f6f
SHA1

2e408cc8bda7218f66acbee3d033d26d39ef5b32
SHA256

daf9f747eac23f8b788d4a1a94d98b74c4a790c5d67a9339894a5fdd0c3f347f
SHA512

4689043db343d0889cd27a059a84e5ec4a3ff3ee1606fbbc4b86b9d1576987e0f0148a2f49ff7d713b5fcc010ade413ae72b79c4820d21d8a705189ef1059f48
SSDEEP

12288:12bc9NgGEAiGW4wav7bD89Irza3vJ6z3wRpV:8FAY4RnI9+GDRX

Score

10^/10

modiloader trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

1df7fafc0f08a4e41f69e60b38017f6f_JaffaCakes118.exe

Resource

win7-20240508-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

1df7fafc0f08a4e41f69e60b38017f6f_JaffaCakes118.exe

Resource

win10v2004-20240611-en

modiloader trojan

windows10-2004-x64

4 signatures

150 seconds

Malware Config

Targets

- Target
  
  1df7fafc0f08a4e41f69e60b38017f6f_JaffaCakes118
- Size
  
  466KB
- MD5
  
  1df7fafc0f08a4e41f69e60b38017f6f
- SHA1
  
  2e408cc8bda7218f66acbee3d033d26d39ef5b32
- SHA256
  
  daf9f747eac23f8b788d4a1a94d98b74c4a790c5d67a9339894a5fdd0c3f347f
- SHA512
  
  4689043db343d0889cd27a059a84e5ec4a3ff3ee1606fbbc4b86b9d1576987e0f0148a2f49ff7d713b5fcc010ade413ae72b79c4820d21d8a705189ef1059f48
- SSDEEP
  
  12288:12bc9NgGEAiGW4wav7bD89Irza3vJ6z3wRpV:8FAY4RnI9+GDRX
Score

10^/10

modiloader trojan
- ModiLoader, DBatLoader
  ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
  trojan modiloader
- ModiLoader Second Stage
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

modiloadertrojan

© 2018-2024

Terms | Privacy