Overview

overview

10

Static

static

BC9wa9Zo.exe

windows7-x64

10

BC9wa9Zo.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    132s
  • max time network
    153s
  • platform
    windows7_x64
  • resource
    win7-20220901-it
  • resource tags

    arch:x64arch:x86image:win7-20220901-itlocale:it-itos:windows7-x64systemwindows
  • submitted
    05-11-2022 18:28

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    BC9wa9Zo.exe

  • Size

    1.1MB

  • MD5

    3b960e79f96867d21257f2c2e6b68a3a

  • SHA1

    dd39eb43b60a5ce586e22173f5419cdaebc70b62

  • SHA256

    d1f97e10d8b6443fd92d1673143f9d9f672f71caca3ad3f492532681095b4511

  • SHA512

    80ed4f6fbe25dca33a1263490b2d96db1c63313222555050d91a4de91f5b13e0b86704ab45c81c965703b7081a2496d3294f8535ee6a53bdeafe888db85d2b90

  • SSDEEP

    24576:wIk11alpxKYvIOWdB6yCgb8SDxOTeCYSfI5b2sJxHJHtuSCg/c3kCv/oMw2n+OkX:wfQnyC1dA

Score
10/10
modiloadertrojan

Malware Config

Signatures

  • ModiLoader, DBatLoader

    ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.

    trojanmodiloader
  • ModiLoader Second Stage 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\BC9wa9Zo.exe
    "C:\Users\Admin\AppData\Local\Temp\BC9wa9Zo.exe"
    1⤵
      PID:1616

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/1616-54-0x0000000075C31000-0x0000000075C33000-memory.dmp

      Filesize

      8KB

      Download

    • memory/1616-55-0x00000000002B0000-0x00000000002DB000-memory.dmp

      Filesize

      172KB

      Download