modiloader | aa7b76c9310019a1cf3d8245cbe94d0fd23d4654f0fd65d988bbc439fea57103 | Triage

Sharing

General

Target

aa7b76c9310019a1cf3d8245cbe94d0fd23d4654f0fd65d988bbc439fea57103
Size

5.0MB
MD5

87b19a2d00fcbe940041b0e1d030207a
SHA1

52c9e96ae6ae98f57efce294758755f5ff1a3faf
SHA256

aa7b76c9310019a1cf3d8245cbe94d0fd23d4654f0fd65d988bbc439fea57103
SHA512

3b376e1f2733babf4f1a87a560cb1f71f8eac24c00f12c9067a169663ceb14eb695d5cec187cffcbaa656f4e8ead35156116efb6b2b2476616531a2c65efe055
SSDEEP

12288:3sWdVgX1MwKcjZ+fEEIjEOyk/AXqUYJvA4fQfcW39oIiyvTMGe7A:3zg6wKcV+sECkX4h4HziyvTTf

Score

10^/10

modiloader

Malware Config

Signatures

ModiLoader Second Stage 1 IoCs

Processes:

resource yara_rule

sample modiloader_stage2
Modiloader family
modiloader

Files

aa7b76c9310019a1cf3d8245cbe94d0fd23d4654f0fd65d988bbc439fea57103
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 613KB - Virtual size: 612KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 22KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 20B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 12.8MB - Virtual size: 12.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ