modiloader | cfc4396cf2d9b42627ce4a86e0ccd4c95423348a3742fdd4cfe55eea70521d10 | Triage

Sharing

General

Target

cfc4396cf2d9b42627ce4a86e0ccd4c95423348a3742fdd4cfe55eea70521d10
Size

16KB
MD5

35d6a8d586a9ff8520fa6df3541f3feb
SHA1

54d45d2ad144f4c2ae0a6801c05dbc5aceddf047
SHA256

cfc4396cf2d9b42627ce4a86e0ccd4c95423348a3742fdd4cfe55eea70521d10
SHA512

d8067e21930343aa80134d37bdb21481c0eb43f4dc5e1269922c44cbf07854430dff61c5a77c5c9ea4177c293525b66322ca2e3694af0ee0e57c925b5639d43a
SSDEEP

192:nYsXGU5z4QOefVX7jDKHmcFKJBS4Mo9a10cZtUW9ZxF97aKVmjeWCyAEZTIqxn5t:j5zsetLSpX9owHtUWfhMjeWnAExT3t

Score

10^/10

modiloader

Malware Config

Signatures

ModiLoader Second Stage 1 IoCs

resource	yara_rule
sample	modiloader_stage2

Modiloader family
modiloader

Files

cfc4396cf2d9b42627ce4a86e0ccd4c95423348a3742fdd4cfe55eea70521d10
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 512B - Virtual size: 188B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 2KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 914B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 4B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 884B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ