modiloader | 11db4a47757e9cce5b6e4cdc0c47b50297e916b119038cbc678086bf50bc6ca0 | Triage

Sharing

General

Target

11db4a47757e9cce5b6e4cdc0c47b50297e916b119038cbc678086bf50bc6ca0
Size

662KB
MD5

5c1202492fbd9eb102611f1282f35d26
SHA1

b635cad8ed9962abd2888ff044b5729798491ff3
SHA256

11db4a47757e9cce5b6e4cdc0c47b50297e916b119038cbc678086bf50bc6ca0
SHA512

548e689066e824ede8860e0e2758cd877c57b2d91cba28ea827598da3f30ce65d615e6e3a0e7362c4ce1179d11278f26f88a3a7569a955ceabe93357fae76bdb
SSDEEP

12288:OF+wFqP9o/jYI8xX/CRIO9uyjOvvNfmXSqcFYHdzOn3t:qqqG+oIXwGHg9

Score

10^/10

modiloader

Malware Config

Signatures

ModiLoader First Stage 1 IoCs

Processes:

resource yara_rule

sample modiloader_stage1
Modiloader family
modiloader

Files

11db4a47757e9cce5b6e4cdc0c47b50297e916b119038cbc678086bf50bc6ca0
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 537KB - Virtual size: 537KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 2KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 16B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 69KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ