Fooder
Fooder is a custom malware loader used by the Iran-aligned threat actor MuddyWater (also tracked as Mango Sandstorm, TA450, Seedworm, and Static Kitten). It was first seen in March 2025 and is described as a 64-bit loader capable of loading, decrypting, and executing encrypted payloads entirely in memory, including through reflective loading. Across reporting, Fooder is repeatedly associated with deployment of the MuddyViper backdoor, and is also listed among MuddyWater tooling alongside BugSleep, Phoenix, StealthCache, GhostFetch/HTTP_VIP, GhostBackDoor, CHAR, and RustyWater.
Fooder commonly masquerades as the classic Snake game, including filenames such as Snake_Game.exe and similar executables. Multiple sources state that it incorporates custom delay logic based on Snake-game behavior combined with Windows Sleep API calls to delay execution and hinder automated analysis and traditional detection. It is specifically described as decrypting and executing MuddyViper in memory, making the resulting intrusion more difficult to detect.
In the documented MuddyWater campaign spanning roughly September 2024 to March 2025, Fooder was used against organizations primarily in Israel, with at least one confirmed victim in Egypt. Reported victim sectors include technology, engineering, manufacturing, local government, education, telecom, government, oil and energy, and critical infrastructure. Initial access in this activity was typically achieved through spear-phishing emails containing PDF attachments that linked victims to installers for legitimate remote monitoring and management tools hosted on free file-sharing services such as OneHub, Egnyte, and Mega. Reported tools included Atera, Level, PDQ, and SimpleHelp. After access was established, Fooder was used to deploy MuddyViper, while operators also used additional credential theft tooling such as CE-Notes, LP-Notes, and Blub.
High-confidence capabilities directly attributed to Fooder in the cited reporting are: loading, decrypting, and running encrypted payloads in memory; reflective loading of MuddyViper and other payloads; masquerading as benign Snake-themed software; and delaying execution to evade analysis. It is also described as being used by MuddyWater in campaigns assessed as focused on credential harvesting, network mapping, and initial-access brokering, including overlap with Lyceum-related activity.
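As an added defender-side illustration (not code from the page or from any of the cited reporting), the following Python hunt scores constructed Sysmon-style process-creation events against the masquerade and delivery facts described above: a Snake-themed image name such as Snake_Game.exe, execution from a user-writable directory, and a parent process belonging to one of the RMM tools named in the campaign (Atera, Level, PDQ, SimpleHelp). The event layout, the sample paths, the user-writable-path heuristic and the assumption that Fooder may be launched under an RMM agent are all assumptions made for this example, not statements from the page.

```python
import re

# Constructed Sysmon-style process-creation events for illustration only;
# none of these paths, users or parent processes come from the Fooder reporting.
SAMPLE_EVENTS = [
    {"Image": r"C:\Users\alice\Downloads\Snake_Game.exe",
     "ParentImage": r"C:\Program Files\ATERA Networks\AteraAgent\AteraAgent.exe"},
    {"Image": r"C:\Program Files\Snake Classic\snake.exe",   # a legitimate game install
     "ParentImage": r"C:\Windows\explorer.exe"},
    {"Image": r"C:\Users\bob\AppData\Local\Temp\snake_game.exe",
     "ParentImage": r"C:\Windows\explorer.exe"},
    {"Image": r"C:\Windows\System32\svchost.exe",
     "ParentImage": r"C:\Windows\System32\services.exe"},
]

# Snake-themed file names reported for Fooder (Snake_Game.exe "and similar executables").
SNAKE_NAME_RE = re.compile(r"\\snake[_ -]?(game)?\.exe$", re.IGNORECASE)

# Assumption: directories a user can write to without elevation; tune per environment.
USER_WRITABLE_RE = re.compile(
    r"\\(Users\\[^\\]+\\(Downloads|AppData)|ProgramData|Windows\\Temp)\\", re.IGNORECASE)

# RMM products named in the campaign reporting. "level" is a generic token and
# must be tightened to the agent's real install path before production use.
RMM_PARENT_RE = re.compile(r"\\[^\\]*(atera|simplehelp|pdq|level)[^\\]*\\", re.IGNORECASE)


def score_event(event):
    """Return (severity, reasons) for one process-creation event.

    Severity is driven by how many independent signals line up: the name
    alone is weak (real Snake games exist), the name plus a staging path is
    stronger, and the name plus staging path plus an RMM parent is strongest.
    """
    reasons = []
    if not SNAKE_NAME_RE.search(event["Image"]):
        return "none", reasons
    reasons.append("snake-themed image name")
    if USER_WRITABLE_RE.search(event["Image"]):
        reasons.append("runs from a user-writable directory")
    if RMM_PARENT_RE.search(event["ParentImage"]):
        reasons.append("spawned by an RMM agent named in the campaign")
    severity = {1: "low", 2: "medium", 3: "high"}[len(reasons)]
    return severity, reasons


def hunt(events):
    """Return [(image, severity, reasons)] for every event matching the name pattern."""
    findings = []
    for event in events:
        severity, reasons = score_event(event)
        if severity != "none":
            findings.append((event["Image"], severity, reasons))
    return findings


if __name__ == "__main__":
    for image, severity, reasons in hunt(SAMPLE_EVENTS):
        print(f"[{severity:6}] {image}: {'; '.join(reasons)}")
```

Because the loader's Sleep-based delay can outlast a short sandbox run, a clean detonation verdict on a Snake-named binary is weak negative evidence; the process-lineage and path signals above are meant to stand on their own rather than be overridden by it.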
Groups observed using it
2 distinct threat actors attributed by public researchers.
Recent attacks have also involved a variety of more sophisticated malware, including the BugSleep backdoor to facilitate file transfers between infected endpoints and C2 servers, a Phoenix injector for deploying BugSleep, the Fooder malware loader and an advanced backdoor tracked as Stealth Cache.
Delivery: Fooder loader disguised as Snake_Game.exe and similar executables
Techniques & procedures
6 distinct techniques documented for this family, organized by ATT&CK tactic.
Initial Access
1 technique
“initial access is typically achieved through spearphishing emails, often containing PDF attachments that link to installers for remote monitoring and management (RMM) software hosted on free file-sharing platforms such as OneHub, Egnyte, or Mega.”
Stealth
3 techniques
Variations of a loader already known to be in MuddyWater's arsenal, dubbed the "Fooder" loader, masqueraded as the Snake game.
Just as the game delays reaction time to the player control commands, a dropper deployed by the group commonly tracked as MuddyWater introduces execution delays to avoid detection by antivirus tools that check for rapid malicious activity.
“Fooder… reflectively loads MuddyViper into memory and executes it.”
Credential Access
1 technique
Notable TTP: Mimikatz loader variant deployed for LSASS credential harvesting
Discovery
1 technique
Command and Control
1 technique
Recent activity
16 sources tracked across advisories, community write-ups, and news.
A loader used to deliver the MuddyViper implant, typically disguised as benign executables for initial infection.
Custom MuddyWater loader used to support delivery and execution of additional payloads.
Loader used by MuddyWater as part of multi-stage malware deployment.
Custom loader used in suspected MuddyWater activity to deploy the MuddyViper backdoor, supporting initial payload delivery and establishment of post-compromise tooling.