modiloader | 4fd6024371e0a3f60d421d1251ce728bddca85011f523a55cbe7259f437aa9ab | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4fd6024371e0a3f60d421d1251ce728bddca85011f523a55cbe7259f437aa9ab
Size

275KB
MD5

0dbacdf47f47f3e82373cf150c33b3c3
SHA1

882f2790f90274b7ade002c7645e7289d42b062f
SHA256

4fd6024371e0a3f60d421d1251ce728bddca85011f523a55cbe7259f437aa9ab
SHA512

a8fcdd84d0f1fb85df0deaf4bfc1dc0a772a371d5128f3b3633505e6f4498ebf4e1e9d94430ddec71bfbd2392c871d53071f03ff2913c822d43394e55a753378
SSDEEP

3072:S1gGvorw2wUTtDGDkovgYme1jZMjt7aEcbd8n8ORoMIpsefXwTBf:lGyjnBSkuV1d4eZd88ORJIf/wTB

Score

10^/10

modiloader

Malware Config

Signatures

ModiLoader Second Stage 1 IoCs

resource	yara_rule
sample	modiloader_stage2

Modiloader family
modiloader

Files

4fd6024371e0a3f60d421d1251ce728bddca85011f523a55cbe7259f437aa9ab
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_BYTES_REVERSED_HI

Sections

0
Size: 224KB - Virtual size: 224KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

1
Size: 112KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

2
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

3
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

4
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

5
Size: 32KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE