modiloader | 12e21855da9bff1e0cc9a3e4bf0fa8e8dbacf5ede1ba599b2a3af356c5a93ee4

General

Target

12e21855da9bff1e0cc9a3e4bf0fa8e8dbacf5ede1ba599b2a3af356c5a93ee4
Size

692KB
MD5

3fed1e3fc985e7c5a54fa53f8488da50
SHA1

921d7d5a7d9f38ed738f9a932e24934604c24d27
SHA256

12e21855da9bff1e0cc9a3e4bf0fa8e8dbacf5ede1ba599b2a3af356c5a93ee4
SHA512

9ac8c1394c23359e61dd9bd189c100beaad577c90c2db212dc326dca8383cbaedf4cfd6f017b4661fa95ffb2a345eeb0789dace83fdafb94ba724f203c215430
SSDEEP

12288:rtzSoEDsJ/kvRID/xtimRzOINFrGTymQrJEETxT/H8k:JmmJ/k5Kx0cOICevE2xTP5

Score

10^/10

modiloader

Malware Config

Signatures

ModiLoader Second Stage 1 IoCs

resource	yara_rule
sample	modiloader_stage2

Modiloader family
modiloader

Files

12e21855da9bff1e0cc9a3e4bf0fa8e8dbacf5ede1ba599b2a3af356c5a93ee4
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 608KB - Virtual size: 607KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 20B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: - Virtual size: 38KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 35KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.mackt
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

sdsd
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

CODE Size: 608KB - Virtual size: 607KB

DATA Size: 22KB - Virtual size: 21KB

BSS Size: - Virtual size: 27KB

.idata Size: 12KB - Virtual size: 11KB

.tls Size: - Virtual size: 20B

.rdata Size: 512B - Virtual size: 24B

.reloc Size: - Virtual size: 38KB

.rsrc Size: 35KB - Virtual size: 34KB

.mackt Size: 12KB - Virtual size: 12KB

sdsd Size: 512B - Virtual size: 512B

CODE
Size: 608KB - Virtual size: 607KB

DATA
Size: 22KB - Virtual size: 21KB

BSS
Size: - Virtual size: 27KB

.idata
Size: 12KB - Virtual size: 11KB

.tls
Size: - Virtual size: 20B

.rdata
Size: 512B - Virtual size: 24B

.reloc
Size: - Virtual size: 38KB

.rsrc
Size: 35KB - Virtual size: 34KB

.mackt
Size: 12KB - Virtual size: 12KB

sdsd
Size: 512B - Virtual size: 512B