Analysis

  • max time kernel
    169s
  • max time network
    161s
  • platform
    windows10_x64
  • resource
    win10-en-20211208
  • submitted
    26-01-2022 12:18

General

  • Target

    SWIFT. UNICREDITGROUP.PDF.exe

  • Size

    869KB

  • MD5

    553be7dc5a8951124308e655d27e0170

  • SHA1

    f51fafc95052a4ff7aa8f9a0a9131bdee4b20ada

  • SHA256

    0183d2fd44e215d6dc408bec45db9767a765767737b737032ff97e75adca46cd

  • SHA512

    1ce3113e5b5c7f804bbf7f8a5c30ab2a3661927ee76030a8f95cc1b2932d0a1ea53f9dd17dcb0f57b08d5282f324750bedf25a78ac40500ec6b9012221e660f2

Score
10/10

Malware Config

Signatures

  • ModiLoader, DBatLoader

    ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.

  • ModiLoader First Stage 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\SWIFT. UNICREDITGROUP.PDF.exe
    "C:\Users\Admin\AppData\Local\Temp\SWIFT. UNICREDITGROUP.PDF.exe"
    PID: 3436

    Downloads

    • memory/3436-115-0x00000000005A0000-0x000000000064E000-memory.dmp
      Filesize

      696KB

    • memory/3436-117-0x00000000022D0000-0x00000000022EB000-memory.dmp
      Filesize

      108KB