Analysis

  • max time kernel
    117s
  • max time network
    118s
  • platform
    windows7_x64
  • resource
    win7-20240215-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240215-en, locale:en-us, os:windows7-x64, system
  • submitted
    26/03/2024, 09:58

General

  • Target

    dee273e6893f567c1fc6544da0b06108.exe

  • Size

    35KB

  • MD5

    dee273e6893f567c1fc6544da0b06108

  • SHA1

    2962afa143f3f9f097d102251077e7b3d04a8a95

  • SHA256

    0e2113eef5c96365a282184f82823992748ab4b669ef1cb2ce82abf8c277e200

  • SHA512

    cc5990e1a22a3793bfc790aee19ab19e1bfd28c6ccddb1dbf55c4fb3a751813bb73cdba638e7d63af3fc72d556bb696d6d3458b2d5e1a3356180492583538181

  • SSDEEP

    768:fh+olJJ0KU4ITQmH7VIAC+wCRSwHRfoqNiZhQCoEry2m1qSI:xJ0qIsCOAVD4sRAqShbU1I

Score
10/10

Malware Config

Signatures

  • ModiLoader, DBatLoader

    ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.

  • ModiLoader Second Stage (2 IoCs)
  • UPX packed file (2 IoCs)

    Detects executables packed with UPX/modified UPX open source packer.
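
The two signatures above are the kind of check an analyst reproduces locally before trusting a sandbox verdict: confirm the sample on hand has the listed digests, then look at the PE section table for the UPX0/UPX1 section names and the "UPX!" info block that stock UPX leaves behind. The following is an added example written for this page; it is not code from the Triage report, from UPX, or from ModiLoader. The PE it builds is a constructed header-only sample (no real code), and the `upx_indicators` heuristics are assumptions about stock UPX output: a modified UPX build can rename sections or strip the marker, which is exactly why the signature text says "UPX/modified UPX".

```python
"""Added triage helpers (not part of the Triage report or ModiLoader): hash a sample
and look for UPX indicators in its PE section table."""
import hashlib
import struct


def file_hashes(data: bytes) -> dict:
    """Return the same four digests the report lists (MD5, SHA1, SHA256, SHA512)."""
    return {name: hashlib.new(name, data).hexdigest()
            for name in ("md5", "sha1", "sha256", "sha512")}


def pe_section_names(data: bytes) -> list:
    """Walk the DOS header -> PE signature -> COFF header -> section table."""
    if data[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    coff = e_lfanew + 4
    (num_sections,) = struct.unpack_from("<H", data, coff + 2)
    (opt_size,) = struct.unpack_from("<H", data, coff + 16)
    table = coff + 20 + opt_size          # section headers follow the optional header
    names = []
    for i in range(num_sections):
        raw = data[table + i * 40: table + i * 40 + 8]   # 40-byte IMAGE_SECTION_HEADER, 8-byte Name
        if len(raw) < 8:
            raise ValueError("truncated section table")
        names.append(raw.rstrip(b"\0").decode("ascii", "replace"))
    return names


def upx_indicators(data: bytes) -> dict:
    """Two cheap UPX heuristics (assumed stock-UPX behaviour); a modified build may defeat either."""
    names = pe_section_names(data)
    return {
        "upx_sections": any(n.upper().startswith("UPX") for n in names),  # UPX0/UPX1
        "upx_magic": b"UPX!" in data,      # packer info block written by stock UPX
    }


def build_minimal_pe(section_names) -> bytes:
    """Constructed sample: a header-only PE32 with the given section names, no code."""
    dos = bytearray(64)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 64)               # e_lfanew -> PE signature at 64
    # Machine=i386, NumberOfSections, TimeDateStamp, SymTab ptr, NumSymbols, SizeOfOptionalHeader, Characteristics
    coff = struct.pack("<HHIIIHH", 0x14C, len(section_names), 0, 0, 0, 224, 0x0102)
    opt = bytearray(224)
    struct.pack_into("<H", opt, 0, 0x10B)               # PE32 magic
    sections = b"".join(
        struct.pack("<8sIIIIIIHHI", n.encode().ljust(8, b"\0"), 0, 0, 0, 0, 0, 0, 0, 0, 0)
        for n in section_names)
    return bytes(dos) + b"PE\0\0" + coff + bytes(opt) + sections


if __name__ == "__main__":
    import sys
    path = sys.argv[1] if len(sys.argv) > 1 else None
    sample = open(path, "rb").read() if path else build_minimal_pe(["UPX0", "UPX1", ".rsrc"])
    for k, v in file_hashes(sample).items():
        print(f"{k:7} {v}")
    print("sections:", pe_section_names(sample))
    print("upx:", upx_indicators(sample))
```

Run it with the sample path as the only argument and compare the printed digests against the General section; with no argument it runs on the constructed UPX-style header. Treat a hit from either heuristic as a reason to unpack (or dump from memory, as the sandbox did) before static analysis, and treat a miss as no evidence either way.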

Processes

  • C:\Users\Admin\AppData\Local\Temp\dee273e6893f567c1fc6544da0b06108.exe
    "C:\Users\Admin\AppData\Local\Temp\dee273e6893f567c1fc6544da0b06108.exe"
    PID: 2416

Network

MITRE ATT&CK Matrix

Downloads

  • memory/2416-0-0x0000000000400000-0x0000000000413000-memory.dmp
    Filesize: 76KB
  • memory/2416-1-0x0000000000400000-0x0000000000413000-memory.dmp
    Filesize: 76KB

Both dumps cover the same region of PID 2416, 0x400000-0x413000 (0x13000 bytes, 76KB). The in-memory image is larger than the 35KB file on disk, which is consistent with the UPX signature above: a UPX-packed executable decompresses itself at load, so the dump, not the file, is the one to analyse statically.