modiloader | c50bf12a3582c73a06f507bb2583bbf134f9666736eeaff192f771605c32b00c | Triage

Sharing

General

Target

c50bf12a3582c73a06f507bb2583bbf134f9666736eeaff192f771605c32b00c
Size

651KB
MD5

6adbfe32475e52a3dd773c6bfcf78faf
SHA1

9ec2a4edcb9109a15a27238d845457f239e7b475
SHA256

c50bf12a3582c73a06f507bb2583bbf134f9666736eeaff192f771605c32b00c
SHA512

5c8152455ec3069d1567b8c7aee7324c91b8ae6ddcbdcde80a7287e8cb19fe135ca7b79a7760fef1a6e6cb206dff056426e43db69461dc3b732f92cf58ceb017
SSDEEP

12288:kpyZT1DrCxu/mDwLRI6BxcDqp9aqCcajVuD3Z7BPQGMWYur0s0D:kUx1DjOD3SxcDDcNDqWYurL0

Score

10^/10

modiloader

Malware Config

Signatures

ModiLoader Second Stage 1 IoCs

resource	yara_rule
sample	modiloader_stage2

Modiloader family
modiloader

Files

c50bf12a3582c73a06f507bb2583bbf134f9666736eeaff192f771605c32b00c
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 66KB - Virtual size: 66KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 2KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 8B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ