Overview

overview

10

Static

static

3

PO-880182.PDF..exe

windows7-x64

1

PO-880182.PDF..exe

windows10-2004-x64

10

Analysis

  • max time kernel
    147s
  • max time network
    145s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231130-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231130-enlocale:en-usos:windows10-2004-x64system
  • submitted
    05-12-2023 07:14

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    PO-880182.PDF..exe

  • Size

    1.8MB

  • MD5

    138dbab797d6d49d67f7aa2d0d5c54e9

  • SHA1

    0b799db2170957ee5fffff4eb728c11b9ab37149

  • SHA256

    f8b4f90e536a1cdd95cc100f8db1cbc90970f125110fbe883523e84b0beae62a

  • SHA512

    743914489fc36ad16146b7d24c320b1b743accdd788a9f2951ddfa7ec80312f17e4d3737fc1b06650cee3a9fb788b91f6ba74d516e4631515443563f4a0afcf4

  • SSDEEP

    49152:iytH9q1rUWS1qXtfRGHKpk3H8eiTwHFimH9jIrMKSIa+GGXHIfd2Ddk6L+O/:i+HqJS1qXtfRGHKpk3H8eiTwHFimH9jm

Score
10/10
modiloadertrojan

Malware Config

Signatures

  • ModiLoader, DBatLoader

    ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.

    trojanmodiloader
  • ModiLoader Second Stage 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\PO-880182.PDF..exe
    "C:\Users\Admin\AppData\Local\Temp\PO-880182.PDF..exe"
    1⤵
      PID:1768

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/1768-0-0x0000000002360000-0x0000000002361000-memory.dmp

      Filesize

      4KB

      Download

    • memory/1768-1-0x0000000002D30000-0x0000000003D30000-memory.dmp

      Filesize

      16.0MB

      Download

    • memory/1768-2-0x0000000002D30000-0x0000000003D30000-memory.dmp

      Filesize

      16.0MB

      Download

    • memory/1768-4-0x0000000000400000-0x00000000005D5000-memory.dmp

      Filesize

      1.8MB

      Download

    • memory/1768-6-0x0000000002360000-0x0000000002361000-memory.dmp

      Filesize

      4KB

      Download