modiloader | c1a66a9cc4d856d825a773a57f1d710c1130b547fd1239d53fe5ee006bf971d6 | Triage

Sharing

General

Target

c1a66a9cc4d856d825a773a57f1d710c1130b547fd1239d53fe5ee006bf971d6
Size

248KB
MD5

9dc2db6fb68dfa9fa75edec811fd43f5
SHA1

c501c821785967d7f4f2cccfba27b95b4b6171ee
SHA256

c1a66a9cc4d856d825a773a57f1d710c1130b547fd1239d53fe5ee006bf971d6
SHA512

5b1b18f87a7bf5b39d823ddf2f87621c1c4524ab50077f1ab8d7b09227dca638fbf11a4240dce8da209679e8445859d3de2a249c1d8e1ea1e0d2458b89222c98
SSDEEP

3072:1ukOjy1Yk2hgWPkE7PvBd4/eaDLoF6q1FKF1OOyzedFLngb0SnIWll2IFZwzP:zOjy1Yk2Z1+GO8AUF6Ry07I2nzP

Score

10^/10

modiloader

Malware Config

Signatures

ModiLoader Second Stage 1 IoCs

resource	yara_rule
sample	modiloader_stage2

Modiloader family
modiloader

Files

c1a66a9cc4d856d825a773a57f1d710c1130b547fd1239d53fe5ee006bf971d6
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 216KB - Virtual size: 215KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 217KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 8B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ