modiloader | c46b60c4ec1d4bbbe5163ca9b2570ed2 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c46b60c4ec1d4bbbe5163ca9b2570ed2
Size

34KB
MD5

c46b60c4ec1d4bbbe5163ca9b2570ed2
SHA1

93c07ed37c02abda6b6d27c6a909479be2cd7f78
SHA256

d264fc4f38b55a985fadce21be32b8bead47c64f990ef5de829dba2693eef99b
SHA512

cf02a2e6b91f7d4c280f0d656ee5d24a88cebf0ea3751eb3729cc6e5e4dbd1ba7b9cf264b4f5417880a26d0377cf4cdfe17be2fb5d5554656e8da39e96d0112d
SSDEEP

768:4oi4qZOLQNwdXcBq5OpBlaKr91EPFNx3GJqqj9QuV:4v4qZyQNwdcUOpBlaO1oNRhuV

Score

10^/10

modiloader

Malware Config

Signatures

ModiLoader Second Stage 1 IoCs

resource	yara_rule
sample	modiloader_stage2

Modiloader family
modiloader

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c46b60c4ec1d4bbbe5163ca9b2570ed2

Files

c46b60c4ec1d4bbbe5163ca9b2570ed2
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 1KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ