modiloader | 86e04a49d4892db1c8a856d7205df4b3a443345d911f1ed42eb3cd49beee13c8 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

86e04a49d4892db1c8a856d7205df4b3a443345d911f1ed42eb3cd49beee13c8
Size

33KB
MD5

102658f951c40f23b0f5a5cbaf6cac7b
SHA1

8fbc6fb99b49defc717a3b6a39a51e1dccbb68d1
SHA256

86e04a49d4892db1c8a856d7205df4b3a443345d911f1ed42eb3cd49beee13c8
SHA512

70fd37174a00a27cc47ad254915e97cc739eb01e88af64ff6f3233e6da30b95f279207d49deaff843b7fcc1633fb1e842ff845e2df0e86947312ca901f9f26aa
SSDEEP

768:foi4qZOLQVIdL6Pfq5OpBl1Ao/q28X5skYlP7xIvYguK:fv4qZyQVIxSaOpBl1/i26YlPuuK

Score

10^/10

modiloader

Malware Config

Signatures

ModiLoader Second Stage 1 IoCs

resource	yara_rule
sample	modiloader_stage2

Modiloader family
modiloader

Files

86e04a49d4892db1c8a856d7205df4b3a443345d911f1ed42eb3cd49beee13c8
.dll windows x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 1KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ