modiloader | f3da07027160226f40ef430c76a8c52aeb61d769931f00508d710fec7002ad65 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f3da07027160226f40ef430c76a8c52aeb61d769931f00508d710fec7002ad65
Size

18KB
MD5

fdf0f5dd92cd640d0870f2e240cfc46c
SHA1

9e462e839a10238ccd22b47fe99a28e11e22f672
SHA256

f3da07027160226f40ef430c76a8c52aeb61d769931f00508d710fec7002ad65
SHA512

daee8ce1205bea81f4e9ff219db06f40b0e4f2b24cc451586ab0702b9399feb27065aa1be724592b5f764b0762e7eaff504dbde46b9eefd4734ada1e34a2b830
SSDEEP

384:gG2pEu2qc0lpLsz0/Cs0OqSHyf0mfIX6cNKCq+zeXQ:du2qdlpLsz9jpSHyvIX6Gque

Score

10^/10

modiloader

Malware Config

Signatures

ModiLoader Second Stage 1 IoCs

resource	yara_rule
sample	modiloader_stage2

Modiloader family
modiloader

Files

f3da07027160226f40ef430c76a8c52aeb61d769931f00508d710fec7002ad65
.dll windows x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

Load

Sections

CODE
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 512B - Virtual size: 200B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 1KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 956B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 68B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 988B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ