Analysis
max time kernel: 143s
max time network: 155s
platform: windows10-2004_x64
resource: win10v2004-20231215-en
resource tags: arch:x64, arch:x86, image:win10v2004-20231215-en, locale:en-us, os:windows10-2004-x64, system
submitted: 31/01/2024, 08:10
Behavioral task: behavioral1
Sample: 83e68e59ca350acc5b8a1054495e4ca3.exe
Resource: win7-20231215-en
2 signatures
150 seconds
Behavioral task: behavioral2
Sample: 83e68e59ca350acc5b8a1054495e4ca3.exe
Resource: win10v2004-20231215-en
2 signatures
150 seconds
General
Target: 83e68e59ca350acc5b8a1054495e4ca3.exe
Size: 866KB
MD5: 83e68e59ca350acc5b8a1054495e4ca3
SHA1: a839f4aeb8b6cfbe1ada10f1ddec051dd8494fe9
SHA256: 771fe28a3badaecb878edf4940f04b915ae9953a2c606b2ab2658f79d2f3855a
SHA512: 9c2c571d40e35cb45c0a8723e821e86811cacdf7a5c1245739b7cf6f088ab6d24049ab63830b90ee59dcb46f87a4eed017af44d14c70fe0de4fe7bff56f30f95
SSDEEP: 24576:UBM9di/XaZXxvR7aH0rjHi2DvsJmuKQ7vmJF:UBM7i/KRx5Hbi2DUJmmvmJF
Score: 10/10
Malware Config
Signatures
ModiLoader, DBatLoader
ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
ModiLoader Second Stage (1 IoCs)
resource: behavioral2/memory/4992-1-0x0000000000400000-0x00000000004DF000-memory.dmp
yara_rule: modiloader_stage2