Overview

overview

10

Static

static

3

00023134214252615.exe

windows7-x64

10

00023134214252615.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    148s
  • max time network
    151s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231201-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231201-enlocale:en-usos:windows10-2004-x64system
  • submitted
    03-12-2023 16:29

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    00023134214252615.exe

  • Size

    2.3MB

  • MD5

    bda2a1a253dd21d5cfa68b37c8baa3ca

  • SHA1

    a53d1d0ca6dc57d3672296c7960ed29e8d127fcf

  • SHA256

    9b85d318cfad613f6da6b2264b0b09a6f980def72e6c3c763e0373f005454aff

  • SHA512

    31cdc5c58098097c91a5b60998071429d9c69d37652528e124bbf5941b679b00cedb88a40ba09d266c181870898c00935c640916a7b64cd17a405b32428ca90f

  • SSDEEP

    49152:UkQzWGa8pH8yc0/wU2lpe63ZrxKrVEbRIqiPt41fFehg1mQ5C:UNqGa8pcyV/wjpdZrxEVEtI14/qn

Score
10/10
modiloadertrojan

Malware Config

Signatures

  • ModiLoader, DBatLoader

    ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.

    trojanmodiloader
  • ModiLoader Second Stage 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\00023134214252615.exe
    "C:\Users\Admin\AppData\Local\Temp\00023134214252615.exe"
    1⤵
      PID:3124

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/3124-0-0x00000000023F0000-0x00000000023F1000-memory.dmp
      Filesize

      4KB

      Download
    • memory/3124-1-0x00000000031D0000-0x00000000041D0000-memory.dmp
      Filesize

      16.0MB

      Download
    • memory/3124-2-0x00000000031D0000-0x00000000041D0000-memory.dmp
      Filesize

      16.0MB

      Download
    • memory/3124-4-0x0000000000400000-0x0000000000651000-memory.dmp
      Filesize

      2.3MB

      Download