modiloader | c0e4c1dcbad756ffb90e1c607bf36397cde816b7459fb15ab18064546a898d5e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c0e4c1dcbad756ffb90e1c607bf36397cde816b7459fb15ab18064546a898d5e
Size

332KB
MD5

99242a09c1ae3481fa740667f3194c7d
SHA1

7f62a3a9cd00b14f551353c1c9184abb6d59ff22
SHA256

c0e4c1dcbad756ffb90e1c607bf36397cde816b7459fb15ab18064546a898d5e
SHA512

57bdebc0f33e931ca487400f466455dfdf3d6e284fbf67b7fcec25c0c6b32340fe48436ff47abfe02d1609db115794a80c71ec1c82ef005a6bbf5dd06de5fda8
SSDEEP

6144:cSuTQ/7Wv+gTH3X122CL+0gppmjxrXWzCgP9UOlCk8Pi5WMd:cQ/yJLlhS+9Sx6+qU/JaU8

Score

10^/10

modiloader

Malware Config

Signatures

ModiLoader Second Stage 1 IoCs

resource	yara_rule
sample	modiloader_stage2

Modiloader family
modiloader

Files

c0e4c1dcbad756ffb90e1c607bf36397cde816b7459fb15ab18064546a898d5e
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 512B - Virtual size: 124B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 1KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 656B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 4B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 428B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 323KB - Virtual size: 322KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ