modiloader | fd163fd39079c61bd16fc6d78e653289400443b771e28b0b15c8bb0e9ca38506 | Triage

Sharing

General

Target

fd163fd39079c61bd16fc6d78e653289400443b771e28b0b15c8bb0e9ca38506
Size

235KB
MD5

5fcdf5c35a7cbe6a59524c1f0f328cfb
SHA1

a37be0a5af9e81ff97aaddad0c346dd80eb76b18
SHA256

fd163fd39079c61bd16fc6d78e653289400443b771e28b0b15c8bb0e9ca38506
SHA512

fa7c3d348326cb62264b252a78bea14b8c23ecd1d4a2574e7893b5212bbc9a1b9e8aa67f2a39c08b6a618459d59a57034031cf21bc3ffb4ffe0e751985998014
SSDEEP

3072:3Gvo6giwpW9DGD2VdKvY/gIg/CtTIuOmxkiozXgeXdHwTBf4Wgczc+0ieoM:3G377xS2Vp2CeiorXdwTBgWx4D

Score

10^/10

modiloader

Malware Config

Signatures

ModiLoader Second Stage 1 IoCs

resource	yara_rule
sample	modiloader_stage2

Modiloader family
modiloader

Files

fd163fd39079c61bd16fc6d78e653289400443b771e28b0b15c8bb0e9ca38506
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 190KB - Virtual size: 189KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 10KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 16B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ