modiloader | 2eae90c606290a56a4a4294044047a4fb98919b93ce9e98b6d6007c535de5ca4 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2eae90c606290a56a4a4294044047a4fb98919b93ce9e98b6d6007c535de5ca4
Size

1.2MB
MD5

0b807e51e2fbd8b93d24faba5bd1b2cc
SHA1

e01f4a9000dbf9254e6de3e41eea80d49f0b88d0
SHA256

2eae90c606290a56a4a4294044047a4fb98919b93ce9e98b6d6007c535de5ca4
SHA512

a5a9384ad75ca0fd4c6fda1f72df139f38b7caf5589ac98790bf021a6edd09824cbfcbb7139df6d05c89e53cdbaf97e94a6e477b3b608a2bc6801c01c963edc2
SSDEEP

24576:LupftdmclPUqDVxJ8CB9f90o7AjOJ0Led9AHIqRrgZ:Lupf/xhBT8PoSM9MrgZ

Score

10^/10

modiloader

Malware Config

Signatures

ModiLoader Second Stage 1 IoCs

resource	yara_rule
sample	modiloader_stage2

Modiloader family
modiloader

Files

2eae90c606290a56a4a4294044047a4fb98919b93ce9e98b6d6007c535de5ca4
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 41KB - Virtual size: 41KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 2KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 8B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ