modiloader | 25ab9b2f9ec5055adb1d960bed80dbcdd78f42a0347eb94509af397ffa80707d | Triage

Sharing

General

Target

25ab9b2f9ec5055adb1d960bed80dbcdd78f42a0347eb94509af397ffa80707d
Size

475KB
MD5

dcbe858c7549349830105d690bf9e6c0
SHA1

19ad292ec86cf2ba6c067f38f94af7a2fc19979c
SHA256

25ab9b2f9ec5055adb1d960bed80dbcdd78f42a0347eb94509af397ffa80707d
SHA512

5f171c82cacf191dbd5c8170c7ee69e8338ea4a8ad906197320d45d6898e7be9b9b7d75df3f973ac3a7a4a191e0f92515d59eebcba4586f0d399e591506a8ee7
SSDEEP

12288:b6A+y1vbS+Vnjz936iOnQMkcB8tUpBaYBu:eA11vbS+VjZd2QMkl2pBaYQ

Score

10^/10

modiloader

Malware Config

Signatures

ModiLoader Second Stage 1 IoCs

resource	yara_rule
sample	modiloader_stage2

Modiloader family
modiloader

Files

25ab9b2f9ec5055adb1d960bed80dbcdd78f42a0347eb94509af397ffa80707d
.dll windows x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

ServiceMain

Sections

CODE
Size: 418KB - Virtual size: 417KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 6KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 73B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ