Analysis
max time kernel: 140s
max time network: 183s
platform: windows7_x64
resource: win7-20221111-en
resource tags: arch:x64, arch:x86, image:win7-20221111-en, locale:en-us, os:windows7-x64, system
submitted: 01-12-2022 09:30
Static task
static1
Behavioral task
behavioral1
Sample
SecuriteInfo.com.Win32.TrojanX-gen.360.32285.exe
Resource
win7-20221111-en
windows7-x64
2 signatures
150 seconds
General
Target: SecuriteInfo.com.Win32.TrojanX-gen.360.32285.exe
Size: 824KB
MD5: 4575f347077760e1257159f74291fad0
SHA1: d65c9fa35db54403c42b2731f6c616317eb23b78
SHA256: 109ab3837f865b4ba288ca4a1fa4e8d416c04b3686376c55128553d4a4db55b5
SHA512: d238fead3b0efa0c6140f587b1d9ff9a9b7298189d6153a3d53aaeaa95b440807e9871ed60706e85c5f396f272ce6ab548184a0ba64c9f8e7b04300fed96936e
SSDEEP: 12288:88xW3p8fe9EgNBWWJXVy20V0abqYU3K4j2X2Er5OxG2:8xCfe9EmLJlNIF3RXVr0G
Score
10/10
Malware Config
Signatures
-
ModiLoader, DBatLoader
ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
-
ModiLoader Second Stage 1 IoCs
Processes:
resource: behavioral1/memory/1748-55-0x0000000001EE0000-0x0000000001F0B000-memory.dmp
yara_rule: modiloader_stage2