Overview

overview

10

Static

static

3

3c049c2229...c0.exe

windows7-x64

10

3c049c2229...c0.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    150s
  • max time network
    165s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231020-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231020-enlocale:en-usos:windows10-2004-x64system
  • submitted
    27-11-2023 16:38

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    3c049c22293a2ca0d2529b8bf1f8956ca99cf0c428c12eb625b4e8d614e056c0.exe

  • Size

    1.7MB

  • MD5

    0cc7dbc2765838b8049a8240a74b7f0d

  • SHA1

    caed5646626b5a15cfd4762b313bf83a45eb4478

  • SHA256

    3c049c22293a2ca0d2529b8bf1f8956ca99cf0c428c12eb625b4e8d614e056c0

  • SHA512

    517eba7f3de18fea7cff93507b45865c4cfc0b13f3e2ce67063f2f83fd58ed2f0cc4638a1b93ae580143b12f36116eebc43e8153e7f6688ea1ad5fd04e0cd9b8

  • SSDEEP

    49152:bZAtX8IxTqh0eJa3DZEe9sRuCVCW4cMyqChsQ:bZmXX8Za31CuCcIMXC+Q

Score
10/10
modiloadertrojan

Malware Config

Signatures

  • ModiLoader, DBatLoader

    ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.

    trojanmodiloader
  • ModiLoader Second Stage 1 IoCs
  • Script User-Agent 2 IoCs

    Uses user-agent string associated with script host/environment.

Processes

  • C:\Users\Admin\AppData\Local\Temp\3c049c22293a2ca0d2529b8bf1f8956ca99cf0c428c12eb625b4e8d614e056c0.exe
    "C:\Users\Admin\AppData\Local\Temp\3c049c22293a2ca0d2529b8bf1f8956ca99cf0c428c12eb625b4e8d614e056c0.exe"
    1⤵
      PID:3588

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/3588-0-0x0000000002330000-0x0000000002331000-memory.dmp
      Filesize

      4KB

      Download
    • memory/3588-1-0x0000000003100000-0x0000000004100000-memory.dmp
      Filesize

      16.0MB

      Download
    • memory/3588-2-0x0000000000400000-0x00000000005AF000-memory.dmp
      Filesize

      1.7MB

      Download
    • memory/3588-3-0x0000000003100000-0x0000000004100000-memory.dmp
      Filesize

      16.0MB

      Download
    • memory/3588-5-0x0000000000400000-0x00000000005AF000-memory.dmp
      Filesize

      1.7MB

      Download
    • memory/3588-6-0x0000000002330000-0x0000000002331000-memory.dmp
      Filesize

      4KB

      Download