Analysis

  • max time kernel
    131s
  • max time network
    146s
  • platform
    windows7_x64
  • resource
    win7-20221111-en
  • resource tags

    arch:x64, arch:x86, image:win7-20221111-en, locale:en-us, os:windows7-x64, system
  • submitted
    01-02-2023 08:57

General

  • Target

    FAKTURA D.exe

  • Size

    933KB

  • MD5

    afde364aee4a09ee066be56ac65d7c97

  • SHA1

    1572338e17c4afc4c938c7e8b23221eb22034350

  • SHA256

    89a0b619faac303d57d409fd7849b98b9239e4c16f49d4a0f9eb43a7df93cabf

  • SHA512

    11cd6afa5e3aeb291ffd8f423623d053e302bbeab028130837af3c2a33779af4aa8afef10d5bca668dd9cdb4637cbdf3bbd17b5b0b864560ec233fc635ac4930

  • SSDEEP

    12288:BENV/fB+g9GgglTA/CsFA4Mv5Eko1M+c/ibBdxQ7zPZ+mLJtzR:Bo79CGPmtqc/i7IBnzR

Score
10/10

Malware Config

Signatures

  • ModiLoader, DBatLoader

    ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.

  • ModiLoader Second Stage 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\FAKTURA D.exe
    "C:\Users\Admin\AppData\Local\Temp\FAKTURA D.exe"
    PID: 1424

Downloads

  • memory/1424-54-0x0000000074DA1000-0x0000000074DA3000-memory.dmp

    Filesize

    8KB

  • memory/1424-55-0x0000000002130000-0x000000000215C000-memory.dmp

    Filesize

    176KB