modiloader | 60e207bff9f32145a90023a70b967254_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

60e207bff9f32145a90023a70b967254_JaffaCakes118
Size

105KB
MD5

60e207bff9f32145a90023a70b967254
SHA1

b9c049d2e084ffae84a580dcb1e50ff2b1b27342
SHA256

32b00acd12ac8dd9e3e828a8eacd2fd9f760bd0a92414a0d499b204a71938e7c
SHA512

267f701be891027d7a99034282581b326626a8c81780f3d999c02277ee26d61630e35daaee0f70208d92fe5952a5d5379a9028d264eacf9ec86ac7eeea8cb1d7
SSDEEP

1536:0fvKKSNsOLhVppiaCmufSDpyla2GAOpB4zTlA3:0fvKJvpp6hXOpBs

Score

10^/10

modiloader

Malware Config

Signatures

ModiLoader Second Stage 1 IoCs

resource	yara_rule
sample	modiloader_stage2

Modiloader family
modiloader

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
60e207bff9f32145a90023a70b967254_JaffaCakes118

Files

60e207bff9f32145a90023a70b967254_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

CODE Size: 8KB - Virtual size: 8KB

DATA Size: 4KB - Virtual size: 4KB

BSS Size: - Virtual size: 4KB

.idata Size: 4KB - Virtual size: 4KB

.tls Size: - Virtual size: 4KB

.rdata Size: 4KB - Virtual size: 4KB

.reloc Size: - Virtual size: 4KB

. Size: 72KB - Virtual size: 72KB

.aspack Size: 8KB - Virtual size: 8KB

.adata Size: - Virtual size: 4KB

.aspack Size: 4KB - Virtual size: 8KB

.adata Size: - Virtual size: 4KB

CODE
Size: 8KB - Virtual size: 8KB

DATA
Size: 4KB - Virtual size: 4KB

BSS
Size: - Virtual size: 4KB

.idata
Size: 4KB - Virtual size: 4KB

.tls
Size: - Virtual size: 4KB

.rdata
Size: 4KB - Virtual size: 4KB

.reloc
Size: - Virtual size: 4KB

.
Size: 72KB - Virtual size: 72KB

.aspack
Size: 8KB - Virtual size: 8KB

.adata
Size: - Virtual size: 4KB

.aspack
Size: 4KB - Virtual size: 8KB

.adata
Size: - Virtual size: 4KB