Behavioral task
behavioral1
Sample
9aaca178857cb95d1adf55c7f0c63650.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
9aaca178857cb95d1adf55c7f0c63650.exe
Resource
win10v2004-20231215-en
General
-
Target
9aaca178857cb95d1adf55c7f0c63650
-
Size
82KB
-
MD5
9aaca178857cb95d1adf55c7f0c63650
-
SHA1
da5631f4a533dce254b0b90dc94bf7976aa33731
-
SHA256
cff7abc5edbf2c5438788f8caf187cc8859044e6f53453520b88fa873c4ce638
-
SHA512
dc8aba6f23c54674180e9b6d5261ad21d8fad99f0dd872735ad99c5f48f7743185ecaa60331458fab9d4989e0880f2a7d7afbde3bfe9f465a24d50c28a41508a
-
SSDEEP
768:iM85LbVnEpdaNVYvr6vYXRVp8JZHbYbu1WOr08ZHe+bB:iXLbVkSQnRwJZHM00MHe+l
Malware Config
Signatures
-
ModiLoader Second Stage 1 IoCs
resource yara_rule sample modiloader_stage2 -
Modiloader family
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 9aaca178857cb95d1adf55c7f0c63650
Files
-
9aaca178857cb95d1adf55c7f0c63650.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI
Sections
UPX0 Size: 52KB - Virtual size: 52KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 23KB - Virtual size: 24KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 5KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE