Overview

overview

10

Static

static

SecuriteIn...42.exe

windows7-x64

10

SecuriteIn...42.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    131s
  • max time network
    146s
  • platform
    windows7_x64
  • resource
    win7-20220901-en
  • resource tags

    arch:x64arch:x86image:win7-20220901-enlocale:en-usos:windows7-x64system
  • submitted
    26-11-2022 01:30

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    SecuriteInfo.com.Win32.SuspectCrc.23812.23342.exe

  • Size

    634KB

  • MD5

    b48fbd453403d09c8eaf4b617ebeebcd

  • SHA1

    6567212fac086e07777de8fb30807315fea3aeac

  • SHA256

    4ef967caea627a1b9cd7f74d31584b69d76f8c532cee528e8815c4f70ae24aa7

  • SHA512

    343ea575ceebfb1b7e61ad527902f860c9431c83ed3231112a02495ec83f24215ffdfb4a09f4d2d3ea050bb176e9fc3f37535ba5dd4744ff973bcc529d87216d

  • SSDEEP

    12288:zytjRg5fcPrlI7o1wWGKSoLPS8jY199t9OxOm4pMn:utWcPpI7oOKlLPfY9DwxOvpMn

Score
10/10
modiloadertrojan

Malware Config

Signatures

  • ModiLoader, DBatLoader

    ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.

    trojanmodiloader
  • ModiLoader Second Stage 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\SecuriteInfo.com.Win32.SuspectCrc.23812.23342.exe
    "C:\Users\Admin\AppData\Local\Temp\SecuriteInfo.com.Win32.SuspectCrc.23812.23342.exe"
    1⤵
      PID:1168

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/1168-54-0x00000000760E1000-0x00000000760E3000-memory.dmp

      Filesize

      8KB

      Download

    • memory/1168-55-0x0000000000260000-0x000000000028B000-memory.dmp

      Filesize

      172KB

      Download