modiloader | 4d4382c5baa6e45663ec51f9e2ea628d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

4d4382c5baa6e45663ec51f9e2ea628d_JaffaCakes118
Size

836KB
MD5

4d4382c5baa6e45663ec51f9e2ea628d
SHA1

c7793a9c7f40a479b5ae1661222213f07cfdc8d8
SHA256

6ab5a7ecd786378b12efbd6d3063636b216142759e70c7dea78f36ba7f9157a8
SHA512

1847c9662607628323f75670a3c677dcc329210c868392ba749892c83f380680e8658342cde0bdb455f68bf28900c9f8de8a27bf20facad405c15c8d9da3be18
SSDEEP

12288:vtS5RTQ7aT7YilhjzAF4gv6tLuAfyI0xkaa+5jqJeATPBM5jlzVy:Vc22T7BRS46kuAfyWMjqMATPBM5jlz

Score

10^/10

modiloader

Malware Config

Signatures

ModiLoader Second Stage 1 IoCs

resource	yara_rule
sample	modiloader_stage2

Modiloader family
modiloader

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4d4382c5baa6e45663ec51f9e2ea628d_JaffaCakes118

Files

4d4382c5baa6e45663ec51f9e2ea628d_JaffaCakes118
.exe windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_BYTES_REVERSED_HI

Sections

Size: 608KB - Virtual size: 608KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.free
Size: 56KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

Size: 608KB - Virtual size: 608KB

Size: 24KB - Virtual size: 24KB

Size: 8KB - Virtual size: 8KB

Size: 12KB - Virtual size: 12KB

Size: 4KB - Virtual size: 4KB

Size: 4KB - Virtual size: 4KB

Size: 40KB - Virtual size: 40KB

Size: 36KB - Virtual size: 36KB

Size: 4KB - Virtual size: 4KB

Size: 4KB - Virtual size: 4KB

Size: 4KB - Virtual size: 4KB

Size: 4KB - Virtual size: 4KB

Size: 4KB - Virtual size: 4KB

Size: 4KB - Virtual size: 4KB

Size: 4KB - Virtual size: 4KB

Size: 4KB - Virtual size: 4KB

.free Size: 56KB - Virtual size: 56KB

.text Size: 8KB - Virtual size: 8KB

.free
Size: 56KB - Virtual size: 56KB

.text
Size: 8KB - Virtual size: 8KB