Overview

overview

10

Static

static

SecuriteIn...21.exe

windows7-x64

10

SecuriteIn...21.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    131s
  • max time network
    151s
  • platform
    windows7_x64
  • resource
    win7-20220901-en
  • resource tags

    arch:x64arch:x86image:win7-20220901-enlocale:en-usos:windows7-x64system
  • submitted
    08-12-2022 12:49

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    SecuriteInfo.com.Win32.TrojanX-gen.27370.4621.exe

  • Size

    872KB

  • MD5

    ebb759f2c6d7817d44d4ebc7697589a1

  • SHA1

    93c1779663848ed2577db076eb1e5ac625a594c4

  • SHA256

    e6303d0730eaecd16e8a3becf77fce3d5da13155d2e27e102ecc2b700ad42814

  • SHA512

    22166ccf32ad1fcfd639c3825609e9d595db946d82d97bb20b25c49c114e2c676d5458348a1ea34293338004d8f0d5e5b81b899b993153a58f1d9fa946ce62d4

  • SSDEEP

    24576:kquhRLtMs3tJSZ4TjP7D7w2hT3/ronB7:kjXMiM8T3MnB7

Score
10/10
modiloadertrojan

Malware Config

Signatures

  • ModiLoader, DBatLoader

    ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.

    trojanmodiloader
  • ModiLoader Second Stage 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\SecuriteInfo.com.Win32.TrojanX-gen.27370.4621.exe
    "C:\Users\Admin\AppData\Local\Temp\SecuriteInfo.com.Win32.TrojanX-gen.27370.4621.exe"
    1⤵
      PID:1672

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/1672-54-0x0000000075111000-0x0000000075113000-memory.dmp

      Filesize

      8KB

      Download

    • memory/1672-55-0x0000000000270000-0x000000000029B000-memory.dmp

      Filesize

      172KB

      Download