modiloader | 320249b904b8c9b4e7e76d593b0633065fe927ef11b29908059ca0410bb8b5e5 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

320249b904b8c9b4e7e76d593b0633065fe927ef11b29908059ca0410bb8b5e5
Size

64KB
MD5

834f1224cc7e623865468279dddaf93b
SHA1

af2322da559507842a6c4debeeed7748828564c6
SHA256

320249b904b8c9b4e7e76d593b0633065fe927ef11b29908059ca0410bb8b5e5
SHA512

5bee2aac10940a7ee5cd72c56cef312347801f918934cc83c08cb344233266c8f589079ca90d23079c9d955a4a40a526ab753388c585bf0ee5f235a47d42b266
SSDEEP

768:Bxyaq8QW7tqXFSlnblCWCvMI14OBrn26n3t:6aq8QqgSFQWiM9OBrJ

Score

10^/10

modiloader

Malware Config

Signatures

ModiLoader Second Stage 1 IoCs

resource	yara_rule
sample	modiloader_stage2

Modiloader family
modiloader

Files

320249b904b8c9b4e7e76d593b0633065fe927ef11b29908059ca0410bb8b5e5
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

.nsp0
Size: 216KB - Virtual size: 216KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.nsp1
Size: 152KB - Virtual size: 152KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.nsp2
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE