modiloader | be9ac1c69fa09fdd693e5045f1731a15

Sharing

Copy URL Twitter E-mail

General

Target

be9ac1c69fa09fdd693e5045f1731a15
Size

693KB
MD5

be9ac1c69fa09fdd693e5045f1731a15
SHA1

cc55549bc0da7a718b2b8dfe6cc4bbf83a34b664
SHA256

79ff48ad8e1955eccf91d93e96ea8919e54ace290a2444b70ce1c468176bf125
SHA512

e805df2f6af4fa340622e4fb9a328cf5bff53b9b84a04fbb0b60ad33ef94f00508995872a52a3c02308193eca937b1d14d37456095842129163c0f8c190d462a
SSDEEP

12288:TtzSoEDsJ/kvRID/xtimRzOINFrGTCmQRJIdjxT/Hck:hmmJ/k5Kx0cOICWJIBxTPZ

Score

10^/10

modiloader

Malware Config

Signatures

ModiLoader Second Stage 1 IoCs

resource	yara_rule
sample	modiloader_stage2

Modiloader family
modiloader

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
be9ac1c69fa09fdd693e5045f1731a15

Files

be9ac1c69fa09fdd693e5045f1731a15
.exe windows:0 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

��
Size: 608KB - Virtual size: 608KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

��
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

��
Size: - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

��
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

��
Size: - Virtual size: 20B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

��
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

��
Size: - Virtual size: 38KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

��
Size: 35KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

�)��
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

��
Size: 512B - Virtual size: 520B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

��
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

��� Size: 608KB - Virtual size: 608KB

� �� Size: 22KB - Virtual size: 21KB

���� Size: - Virtual size: 27KB

��� Size: 12KB - Virtual size: 11KB

���� Size: - Virtual size: 20B

��� Size: 512B - Virtual size: 24B

���� Size: - Virtual size: 38KB

���� Size: 35KB - Virtual size: 34KB

�)�� Size: 12KB - Virtual size: 12KB

��� Size: 512B - Virtual size: 520B

���� Size: 512B - Virtual size: 512B

��
Size: 608KB - Virtual size: 608KB

��
Size: 22KB - Virtual size: 21KB

��
Size: - Virtual size: 27KB

��
Size: 12KB - Virtual size: 11KB

��
Size: - Virtual size: 20B

��
Size: 512B - Virtual size: 24B

��
Size: - Virtual size: 38KB

��
Size: 35KB - Virtual size: 34KB

�)��
Size: 12KB - Virtual size: 12KB

��
Size: 512B - Virtual size: 520B

��
Size: 512B - Virtual size: 512B