modiloader | e237b7ee1da654094646422a1d7b1bc9470d2239c60d85534f5ec458e296c1d9

Analysis

max time kernel
147s
max time network
146s
platform
windows10-2004_x64
resource
win10v2004-20240508-en
resource tags

arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
submitted
12-06-2024 01:04

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

e237b7ee1da654094646422a1d7b1bc9470d2239c60d85534f5ec458e296c1d9.exe
Size

1.1MB
MD5

bd4a452505858231744bb9db6d09fe9f
SHA1

017a75350fdf0cee153f086acfacf95420c4ee63
SHA256

e237b7ee1da654094646422a1d7b1bc9470d2239c60d85534f5ec458e296c1d9
SHA512

ae458bf1000b7c5634cb27410c2d0f39b3043dc0abc75c45465a121b9d01559a17f8a3bcdc557882a6fbf1defda12a691ebc367a7a305f6f26ce60a9c1e8cf24
SSDEEP

24576:xbWF0BGjRrxVo079sgiETeAXsiK/e9cvYLgc4mgEC:xHB4PTeAX4qMr3BEC

Score

10^/10

modiloader trojan

Malware Config

Signatures

ModiLoader, DBatLoader
ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
trojan modiloader

ModiLoader Second Stage 64 IoCs

Processes:

resource	yara_rule
behavioral2/memory/4528-3-0x0000000002900000-0x0000000003900000-memory.dmp	modiloader_stage2
behavioral2/memory/4528-4-0x0000000002900000-0x0000000003900000-memory.dmp	modiloader_stage2
behavioral2/memory/4528-5-0x0000000002900000-0x0000000003900000-memory.dmp	modiloader_stage2
behavioral2/memory/4528-2-0x0000000002900000-0x0000000003900000-memory.dmp	modiloader_stage2
behavioral2/memory/4528-1-0x0000000002900000-0x0000000003900000-memory.dmp	modiloader_stage2
behavioral2/memory/4528-6-0x0000000002900000-0x0000000003900000-memory.dmp	modiloader_stage2
behavioral2/memory/4528-7-0x0000000002900000-0x0000000003900000-memory.dmp	modiloader_stage2
behavioral2/memory/4528-9-0x0000000002900000-0x0000000003900000-memory.dmp	modiloader_stage2
behavioral2/memory/4528-8-0x0000000002900000-0x0000000003900000-memory.dmp	modiloader_stage2
behavioral2/memory/4528-11-0x0000000002900000-0x0000000003900000-memory.dmp	modiloader_stage2
behavioral2/memory/4528-13-0x0000000002900000-0x0000000003900000-memory.dmp	modiloader_stage2
behavioral2/memory/4528-16-0x0000000002900000-0x0000000003900000-memory.dmp	modiloader_stage2
behavioral2/memory/4528-21-0x0000000002900000-0x0000000003900000-memory.dmp	modiloader_stage2
behavioral2/memory/4528-27-0x0000000002900000-0x0000000003900000-memory.dmp	modiloader_stage2
behavioral2/memory/4528-37-0x0000000002900000-0x0000000003900000-memory.dmp	modiloader_stage2
behavioral2/memory/4528-49-0x0000000002900000-0x0000000003900000-memory.dmp	modiloader_stage2
behavioral2/memory/4528-63-0x0000000002900000-0x0000000003900000-memory.dmp	modiloader_stage2
behavioral2/memory/4528-61-0x0000000002900000-0x0000000003900000-memory.dmp	modiloader_stage2
behavioral2/memory/4528-60-0x0000000002900000-0x0000000003900000-memory.dmp	modiloader_stage2
behavioral2/memory/4528-59-0x0000000002900000-0x0000000003900000-memory.dmp	modiloader_stage2
behavioral2/memory/4528-58-0x0000000002900000-0x0000000003900000-memory.dmp	modiloader_stage2
behavioral2/memory/4528-57-0x0000000002900000-0x0000000003900000-memory.dmp	modiloader_stage2
behavioral2/memory/4528-56-0x0000000002900000-0x0000000003900000-memory.dmp	modiloader_stage2
behavioral2/memory/4528-55-0x0000000002900000-0x0000000003900000-memory.dmp	modiloader_stage2
behavioral2/memory/4528-54-0x0000000002900000-0x0000000003900000-memory.dmp	modiloader_stage2
behavioral2/memory/4528-53-0x0000000002900000-0x0000000003900000-memory.dmp	modiloader_stage2
behavioral2/memory/4528-52-0x0000000002900000-0x0000000003900000-memory.dmp	modiloader_stage2
behavioral2/memory/4528-50-0x0000000002900000-0x0000000003900000-memory.dmp	modiloader_stage2
behavioral2/memory/4528-51-0x0000000002900000-0x0000000003900000-memory.dmp	modiloader_stage2
behavioral2/memory/4528-47-0x0000000002900000-0x0000000003900000-memory.dmp	modiloader_stage2
behavioral2/memory/4528-64-0x0000000002900000-0x0000000003900000-memory.dmp	modiloader_stage2
behavioral2/memory/4528-62-0x0000000002900000-0x0000000003900000-memory.dmp	modiloader_stage2
behavioral2/memory/4528-44-0x0000000002900000-0x0000000003900000-memory.dmp	modiloader_stage2
behavioral2/memory/4528-43-0x0000000002900000-0x0000000003900000-memory.dmp	modiloader_stage2
behavioral2/memory/4528-41-0x0000000002900000-0x0000000003900000-memory.dmp	modiloader_stage2
behavioral2/memory/4528-38-0x0000000002900000-0x0000000003900000-memory.dmp	modiloader_stage2
behavioral2/memory/4528-36-0x0000000002900000-0x0000000003900000-memory.dmp	modiloader_stage2
behavioral2/memory/4528-48-0x0000000002900000-0x0000000003900000-memory.dmp	modiloader_stage2
behavioral2/memory/4528-46-0x0000000002900000-0x0000000003900000-memory.dmp	modiloader_stage2
behavioral2/memory/4528-45-0x0000000002900000-0x0000000003900000-memory.dmp	modiloader_stage2
behavioral2/memory/4528-32-0x0000000002900000-0x0000000003900000-memory.dmp	modiloader_stage2
behavioral2/memory/4528-42-0x0000000002900000-0x0000000003900000-memory.dmp	modiloader_stage2
behavioral2/memory/4528-31-0x0000000002900000-0x0000000003900000-memory.dmp	modiloader_stage2
behavioral2/memory/4528-40-0x0000000002900000-0x0000000003900000-memory.dmp	modiloader_stage2
behavioral2/memory/4528-30-0x0000000002900000-0x0000000003900000-memory.dmp	modiloader_stage2
behavioral2/memory/4528-39-0x0000000002900000-0x0000000003900000-memory.dmp	modiloader_stage2
behavioral2/memory/4528-29-0x0000000002900000-0x0000000003900000-memory.dmp	modiloader_stage2
behavioral2/memory/4528-28-0x0000000002900000-0x0000000003900000-memory.dmp	modiloader_stage2
behavioral2/memory/4528-35-0x0000000002900000-0x0000000003900000-memory.dmp	modiloader_stage2
behavioral2/memory/4528-26-0x0000000002900000-0x0000000003900000-memory.dmp	modiloader_stage2
behavioral2/memory/4528-34-0x0000000002900000-0x0000000003900000-memory.dmp	modiloader_stage2
behavioral2/memory/4528-25-0x0000000002900000-0x0000000003900000-memory.dmp	modiloader_stage2
behavioral2/memory/4528-33-0x0000000002900000-0x0000000003900000-memory.dmp	modiloader_stage2
behavioral2/memory/4528-24-0x0000000002900000-0x0000000003900000-memory.dmp	modiloader_stage2
behavioral2/memory/4528-23-0x0000000002900000-0x0000000003900000-memory.dmp	modiloader_stage2
behavioral2/memory/4528-22-0x0000000002900000-0x0000000003900000-memory.dmp	modiloader_stage2
behavioral2/memory/4528-20-0x0000000002900000-0x0000000003900000-memory.dmp	modiloader_stage2
behavioral2/memory/4528-19-0x0000000002900000-0x0000000003900000-memory.dmp	modiloader_stage2
behavioral2/memory/4528-18-0x0000000002900000-0x0000000003900000-memory.dmp	modiloader_stage2
behavioral2/memory/4528-17-0x0000000002900000-0x0000000003900000-memory.dmp	modiloader_stage2
behavioral2/memory/4528-15-0x0000000002900000-0x0000000003900000-memory.dmp	modiloader_stage2
behavioral2/memory/4528-14-0x0000000002900000-0x0000000003900000-memory.dmp	modiloader_stage2
behavioral2/memory/4528-12-0x0000000002900000-0x0000000003900000-memory.dmp	modiloader_stage2
behavioral2/memory/4528-10-0x0000000002900000-0x0000000003900000-memory.dmp	modiloader_stage2

C:\Users\Admin\AppData\Local\Temp\e237b7ee1da654094646422a1d7b1bc9470d2239c60d85534f5ec458e296c1d9.exe
"C:\Users\Admin\AppData\Local\Temp\e237b7ee1da654094646422a1d7b1bc9470d2239c60d85534f5ec458e296c1d9.exe"
1⤵
PID:4528

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/4528-0-0x00000000007D0000-0x00000000007D1000-memory.dmp

Filesize
4KB

Download
memory/4528-3-0x0000000002900000-0x0000000003900000-memory.dmp

Filesize
16.0MB

Download
memory/4528-4-0x0000000002900000-0x0000000003900000-memory.dmp

Filesize
16.0MB

Download
memory/4528-5-0x0000000002900000-0x0000000003900000-memory.dmp

Filesize
16.0MB

Download
memory/4528-2-0x0000000002900000-0x0000000003900000-memory.dmp

Filesize
16.0MB

Download
memory/4528-1-0x0000000002900000-0x0000000003900000-memory.dmp

Filesize
16.0MB

Download
memory/4528-6-0x0000000002900000-0x0000000003900000-memory.dmp

Filesize
16.0MB

Download
memory/4528-7-0x0000000002900000-0x0000000003900000-memory.dmp

Filesize
16.0MB

Download
memory/4528-9-0x0000000002900000-0x0000000003900000-memory.dmp

Filesize
16.0MB

Download
memory/4528-8-0x0000000002900000-0x0000000003900000-memory.dmp

Filesize
16.0MB

Download
memory/4528-11-0x0000000002900000-0x0000000003900000-memory.dmp

Filesize
16.0MB

Download
memory/4528-13-0x0000000002900000-0x0000000003900000-memory.dmp

Filesize
16.0MB

Download
memory/4528-16-0x0000000002900000-0x0000000003900000-memory.dmp

Filesize
16.0MB

Download
memory/4528-21-0x0000000002900000-0x0000000003900000-memory.dmp

Filesize
16.0MB

Download
memory/4528-27-0x0000000002900000-0x0000000003900000-memory.dmp

Filesize
16.0MB

Download
memory/4528-37-0x0000000002900000-0x0000000003900000-memory.dmp

Filesize
16.0MB

Download
memory/4528-49-0x0000000002900000-0x0000000003900000-memory.dmp

Filesize
16.0MB

Download
memory/4528-63-0x0000000002900000-0x0000000003900000-memory.dmp

Filesize
16.0MB

Download
memory/4528-61-0x0000000002900000-0x0000000003900000-memory.dmp

Filesize
16.0MB

Download
memory/4528-60-0x0000000002900000-0x0000000003900000-memory.dmp

Filesize
16.0MB

Download
memory/4528-59-0x0000000002900000-0x0000000003900000-memory.dmp

Filesize
16.0MB

Download
memory/4528-58-0x0000000002900000-0x0000000003900000-memory.dmp

Filesize
16.0MB

Download
memory/4528-57-0x0000000002900000-0x0000000003900000-memory.dmp

Filesize
16.0MB

Download
memory/4528-56-0x0000000002900000-0x0000000003900000-memory.dmp

Filesize
16.0MB

Download
memory/4528-55-0x0000000002900000-0x0000000003900000-memory.dmp

Filesize
16.0MB

Download
memory/4528-54-0x0000000002900000-0x0000000003900000-memory.dmp

Filesize
16.0MB

Download
memory/4528-53-0x0000000002900000-0x0000000003900000-memory.dmp

Filesize
16.0MB

Download
memory/4528-52-0x0000000002900000-0x0000000003900000-memory.dmp

Filesize
16.0MB

Download
memory/4528-50-0x0000000002900000-0x0000000003900000-memory.dmp

Filesize
16.0MB

Download
memory/4528-51-0x0000000002900000-0x0000000003900000-memory.dmp

Filesize
16.0MB

Download
memory/4528-47-0x0000000002900000-0x0000000003900000-memory.dmp

Filesize
16.0MB

Download
memory/4528-64-0x0000000002900000-0x0000000003900000-memory.dmp

Filesize
16.0MB

Download
memory/4528-62-0x0000000002900000-0x0000000003900000-memory.dmp

Filesize
16.0MB

Download
memory/4528-44-0x0000000002900000-0x0000000003900000-memory.dmp

Filesize
16.0MB

Download
memory/4528-43-0x0000000002900000-0x0000000003900000-memory.dmp

Filesize
16.0MB

Download
memory/4528-41-0x0000000002900000-0x0000000003900000-memory.dmp

Filesize
16.0MB

Download
memory/4528-38-0x0000000002900000-0x0000000003900000-memory.dmp

Filesize
16.0MB

Download
memory/4528-36-0x0000000002900000-0x0000000003900000-memory.dmp

Filesize
16.0MB

Download
memory/4528-48-0x0000000002900000-0x0000000003900000-memory.dmp

Filesize
16.0MB

Download
memory/4528-46-0x0000000002900000-0x0000000003900000-memory.dmp

Filesize
16.0MB

Download
memory/4528-45-0x0000000002900000-0x0000000003900000-memory.dmp

Filesize
16.0MB

Download
memory/4528-32-0x0000000002900000-0x0000000003900000-memory.dmp

Filesize
16.0MB

Download
memory/4528-42-0x0000000002900000-0x0000000003900000-memory.dmp

Filesize
16.0MB

Download
memory/4528-31-0x0000000002900000-0x0000000003900000-memory.dmp

Filesize
16.0MB

Download
memory/4528-40-0x0000000002900000-0x0000000003900000-memory.dmp

Filesize
16.0MB

Download
memory/4528-30-0x0000000002900000-0x0000000003900000-memory.dmp

Filesize
16.0MB

Download
memory/4528-39-0x0000000002900000-0x0000000003900000-memory.dmp

Filesize
16.0MB

Download
memory/4528-29-0x0000000002900000-0x0000000003900000-memory.dmp

Filesize
16.0MB

Download
memory/4528-28-0x0000000002900000-0x0000000003900000-memory.dmp

Filesize
16.0MB

Download
memory/4528-35-0x0000000002900000-0x0000000003900000-memory.dmp

Filesize
16.0MB

Download
memory/4528-26-0x0000000002900000-0x0000000003900000-memory.dmp

Filesize
16.0MB

Download
memory/4528-34-0x0000000002900000-0x0000000003900000-memory.dmp

Filesize
16.0MB

Download
memory/4528-25-0x0000000002900000-0x0000000003900000-memory.dmp

Filesize
16.0MB

Download
memory/4528-33-0x0000000002900000-0x0000000003900000-memory.dmp

Filesize
16.0MB

Download
memory/4528-24-0x0000000002900000-0x0000000003900000-memory.dmp

Filesize
16.0MB

Download
memory/4528-23-0x0000000002900000-0x0000000003900000-memory.dmp

Filesize
16.0MB

Download
memory/4528-22-0x0000000002900000-0x0000000003900000-memory.dmp

Filesize
16.0MB

Download
memory/4528-20-0x0000000002900000-0x0000000003900000-memory.dmp

Filesize
16.0MB

Download
memory/4528-19-0x0000000002900000-0x0000000003900000-memory.dmp

Filesize
16.0MB

Download
memory/4528-18-0x0000000002900000-0x0000000003900000-memory.dmp

Filesize
16.0MB

Download
memory/4528-17-0x0000000002900000-0x0000000003900000-memory.dmp

Filesize
16.0MB

Download
memory/4528-15-0x0000000002900000-0x0000000003900000-memory.dmp

Filesize
16.0MB

Download
memory/4528-14-0x0000000002900000-0x0000000003900000-memory.dmp

Filesize
16.0MB

Download
memory/4528-12-0x0000000002900000-0x0000000003900000-memory.dmp

Filesize
16.0MB

Download
memory/4528-10-0x0000000002900000-0x0000000003900000-memory.dmp

Filesize
16.0MB

Download