modiloader | 78877424d3e1de9803e58d0e5a44027424ba9507458dac2d87435473f7ae20f9 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

78877424d3e1de9803e58d0e5a44027424ba9507458dac2d87435473f7ae20f9
Size

47KB
MD5

cdc02d266f9aeb4173564a63d018e481
SHA1

0b793bb442d5b6ae2b332cd41dd35e13e5ccecff
SHA256

78877424d3e1de9803e58d0e5a44027424ba9507458dac2d87435473f7ae20f9
SHA512

62b70050578c0e6fb4f3692f17785a0b1b5df340e250617c2d8589b9d5dd12de278e9c0ee0437496e5ba6be7007cf2bde3bb1b9e3773e117b889b14ecfd9f26e
SSDEEP

768:dbFSMIl4xszXcnPYFmDVWU0ZXVJaxTPC5H6LsZTa0HJ5fsQQAAhQ:dbF44WzM5Dz06oZTaWQq

Score

10^/10

modiloader

Malware Config

Signatures

ModiLoader Second Stage 1 IoCs

resource	yara_rule
sample	modiloader_stage2

Modiloader family
modiloader

Files

78877424d3e1de9803e58d0e5a44027424ba9507458dac2d87435473f7ae20f9
.dll windows x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 1024B - Virtual size: 640B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 2KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ