Analysis

  • max time kernel
    166s
  • max time network
    172s
  • platform
    windows10_x64
  • resource
    win10-en-20211208
  • submitted
    30-01-2022 07:33

General

  • Target

    BKLULYOT.exe

  • Size

    755KB

  • MD5

    2cb79bcce5050528580bf880f47d9d61

  • SHA1

    32e93d278b70caf5156e8bb1d7bfc8e29658fccc

  • SHA256

    a00a856f0d85fcb7f485777ae81a0b1c52974bb1cd2482ba5e987a7ce8207511

  • SHA512

    a32393ece3ac9e4ff24ae1d50bf81657c4d83772b96bcdcb9c9d6590e0570f2f2c3ebd15ff21cf76be482f292b80138b301159a3bc0d3a4c50e7e215cf0c5b94

Score
10/10

Malware Config

Signatures

  • ModiLoader, DBatLoader

    ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.

  • ModiLoader First Stage 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\BKLULYOT.exe
    "C:\Users\Admin\AppData\Local\Temp\BKLULYOT.exe"
    1⤵
      PID:1360

    Network

    MITRE ATT&CK Matrix

    Downloads

    • memory/1360-115-0x0000000000580000-0x00000000006CA000-memory.dmp
      Filesize

      1.3MB

    • memory/1360-116-0x00000000006C1000-0x00000000006D5000-memory.dmp
      Filesize

      80KB