modiloader | f75df36095323750f6a74c43053e7cc3e5e22046a276bb396714c1060dd61f33 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f75df36095323750f6a74c43053e7cc3e5e22046a276bb396714c1060dd61f33
Size

336KB
MD5

92693b6229d01e1afff7cac6553718c0
SHA1

b8fbe9102e42e0397ae8e134de86a3fd24e8ed84
SHA256

f75df36095323750f6a74c43053e7cc3e5e22046a276bb396714c1060dd61f33
SHA512

cd4b980742b824fae91b112ff23792a049d47fdb99835f4a1197e3da18d739c722036bd08bd0ee8e506a6f0859d51823d5b5686b54c625ceac7548b731c4b61c
SSDEEP

6144:wGyjnBSkuV1d4eZd88ORJIfrwTBtPNRV53QpcX:7YnBSkuVUeZdYGwTYu

Score

10^/10

modiloader

Malware Config

Signatures

ModiLoader Second Stage 1 IoCs

resource	yara_rule
sample	modiloader_stage2

Modiloader family
modiloader

Files

f75df36095323750f6a74c43053e7cc3e5e22046a276bb396714c1060dd61f33
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 190KB - Virtual size: 190KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 10KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 16B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 113KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ