Analysis
max time kernel
150s
max time network
150s
platform
windows10-2004_x64
resource
win10v2004-20240226-en
resource tags
arch:x64 arch:x86 image:win10v2004-20240226-en locale:en-us os:windows10-2004-x64 system
submitted
25/03/2024, 16:56
Static task
static1
1 signatures
Behavioral task
behavioral1
Sample
de7e27f8290a353b0f998a6d0a71007c.exe
Resource
win7-20240221-en
2 signatures
150 seconds
Behavioral task
behavioral2
Sample
de7e27f8290a353b0f998a6d0a71007c.exe
Resource
win10v2004-20240226-en
2 signatures
150 seconds
General
Target
de7e27f8290a353b0f998a6d0a71007c.exe
Size
690KB
MD5
de7e27f8290a353b0f998a6d0a71007c
SHA1
cd032ea7109b1e70636cd53e271a6acbae63a791
SHA256
8347295bd1ba9986158cb7dd107ae2ec462820d9b0721695057e60d6b4a3ebb7
SHA512
fb90fe17a6e5dbd4723df77c490e2bb082b7afe6d79ae755cf36cfe444707598dadc8df21ae542d5b76f975af26aebe719c85719880a5f84ab8cd912b75e1845
SSDEEP
12288:cLJ8IaEF3CbhMemzpeVhpEj7c0DFtIWnuW:cLJRaElQMePyNtI
Score
10/10
Malware Config
Signatures
ModiLoader, DBatLoader
ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
ModiLoader Second Stage
1 IoCs
resource
behavioral2/memory/1848-2-0x0000000002270000-0x000000000228B000-memory.dmp
yara_rule
modiloader_stage2