SecuriteInfo[.]com[.]W32[.]ModiLoader[.]YK[.]tr[.]25947[.]20616 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

SecuriteInfo.com.W32.ModiLoader.YK.tr.25947.20616
Size

2.5MB
MD5

f37875d5d184a2d31875b884ffd5274f
SHA1

6aef1f500042a17b9c18b17d156298eac085273f
SHA256

2066d3c19b80a23bb0852d98ba11a5539a5c0ecb148c6a8aa81d028646e92b0f
SHA512

ce0aa4230cda42ec2adb083ecc3bd10372e4b0e0e1396b70394932bbe365bc8913c769f8323528a1dfc75645a83aeb27139c0ba23a5a4a2d9c6915963f24da1c
SSDEEP

49152:YQ7vUCm5uqGIppAGfPWF0EQt++nY60+oKbrQB66N:YmvsbfPWF0Tt++R0+oK2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
SecuriteInfo.com.W32.ModiLoader.YK.tr.25947.20616

Files

SecuriteInfo.com.W32.ModiLoader.YK.tr.25947.20616
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 417KB - Virtual size: 417KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 2.0MB - Virtual size: 2.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 9KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 16B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ