modiloader | 58f7830dda505d19a5cfa0cdad0bc6b568b5885596f4fe4be6a59dff3d75e7b2 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

58f7830dda505d19a5cfa0cdad0bc6b568b5885596f4fe4be6a59dff3d75e7b2
Size

1012KB
MD5

3011b3c49d20ae3ce0313fa5a6d0552d
SHA1

8cb2ebd6a3126dd846edb9a548389471cba39be9
SHA256

58f7830dda505d19a5cfa0cdad0bc6b568b5885596f4fe4be6a59dff3d75e7b2
SHA512

2ec31f608503409c3f45cd8caafdd4b86dfeff81b57700c44b6d5d6eacb4b27fc19fb49a909eedb12505d1e89c5a7fa4f902bd98a61ea31707d2e5c761acc2f2
SSDEEP

24576:7BkhLMuYmLGTxQ2Vpe8PM5S7xe0RS/8vSHL96/g:7BkRHY9xQ2VcT5z0UUvSHz

Score

10^/10

modiloader

Malware Config

Signatures

ModiLoader Second Stage 1 IoCs

resource	yara_rule
sample	modiloader_stage2

Modiloader family
modiloader

Files

58f7830dda505d19a5cfa0cdad0bc6b568b5885596f4fe4be6a59dff3d75e7b2
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 43KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 2KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 8B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 959KB - Virtual size: 959KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ