modiloader | 83ff929dbd0b105ff023290bd3f26025_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

83ff929dbd0b105ff023290bd3f26025_JaffaCakes118
Size

307KB
MD5

83ff929dbd0b105ff023290bd3f26025
SHA1

a2157b69a0f092534f1e58aa7d3d565140e21938
SHA256

421c043cfd0a48837eedf770827d6ec15cc00a49da2d8a11d029719b6ca06fac
SHA512

d170cf7a5391f2cf1289007022e939443672094ed731d054a3c768d983c0488a223f3b85b3d69bd70237135ad78d2b90c4c19e40a58fb8d4e73677edcbc3ad0f
SSDEEP

6144:mfLHGLG377xS2Vp2CeiorXdwTBgWx4v53TpcCJJvH0:cdr7xS2Vp6RwTyCybJJvH0

Score

10^/10

modiloader

Malware Config

Signatures

ModiLoader Second Stage 1 IoCs

resource	yara_rule
sample	modiloader_stage2

Modiloader family
modiloader

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
83ff929dbd0b105ff023290bd3f26025_JaffaCakes118

Files

83ff929dbd0b105ff023290bd3f26025_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 7KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.udata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE