modiloader | a4251c8bb6b6eb1ec67e7e61f3766ac70a48252e971f07fefd52437e0794b1fe | Triage

Sharing

General

Target

a4251c8bb6b6eb1ec67e7e61f3766ac70a48252e971f07fefd52437e0794b1fe
Size

651KB
MD5

32060dbd8ee1657e7718bbca5d149bee
SHA1

3b7fb85b512f1dd9c96a5bca2a64b73548f41f45
SHA256

a4251c8bb6b6eb1ec67e7e61f3766ac70a48252e971f07fefd52437e0794b1fe
SHA512

17501d10a37d13dd67347b3f0b94e89d544388d854cb02d13836015f554e423b44fe7960b34caa577d25a20d2428008e4ce56a51096c4ed28db783a1f52a4baa
SSDEEP

12288:kpyZT16rCxu/mDwLRI6BxcDqp9aqCcajVuD3Z7BPQGMWYur0s0D:kUx16jOD3SxcDDcNDqWYurL0

Score

10^/10

modiloader

Malware Config

Signatures

ModiLoader Second Stage 1 IoCs

resource	yara_rule
sample	modiloader_stage2

Modiloader family
modiloader

Files

a4251c8bb6b6eb1ec67e7e61f3766ac70a48252e971f07fefd52437e0794b1fe
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 66KB - Virtual size: 66KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 2KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 8B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ