modiloader | 1e3017bb3b0b56f90b89106d7dc6c9f7e1917be0efd83b88192c2bd6f76ab94f

Sharing

Target

1e3017bb3b0b56f90b89106d7dc6c9f7e1917be0efd83b88192c2bd6f76ab94f
Size

17.3MB
MD5

fe415829a50e7f63707dc46ab5de1e99
SHA1

5b1930923b0c29c31709139ed53f7f9572ec0eb6
SHA256

1e3017bb3b0b56f90b89106d7dc6c9f7e1917be0efd83b88192c2bd6f76ab94f
SHA512

4e5b6d2dbcac46abecd5cd4fbf978a9f062aef5c7c6c07b6c699c7d9ec64ac5c6aa86232a812ab871805a8990a1d462442929b89e30b09c20fddd36d2790350d
SSDEEP

196608:kD6FuwYCfKuBEq9SF+q4s1JR/qRQwixa8slecKMspanCM+Jmp+HE0IFAxbXsy+Kw:aEz

Score

10^/10

Cobalt Strike reflective loader 1 IoCs

Detects the reflective loader used by Cobalt Strike.

resource	yara_rule
sample	cobalt_reflective_dll

Detected Mount Locker ransomware 1 IoCs

resource	yara_rule
sample	RANSOM_mountlocker

Detects Zeppelin payload 1 IoCs

resource	yara_rule
sample	family_zeppelin

HelloKitty ELF 1 IoCs

resource	yara_rule
sample	family_hellokitty_elf

Industroyer IEC-104 Module 1 IoCs

Contains strings related to Industroyer module used to communicate with power transmission grids over IEC-104 protocol.

resource	yara_rule
sample	win_industroyer_w3

MassLogger log file 1 IoCs

Detects a log file produced by MassLogger.

resource	yara_rule
sample	masslogger_log_file

Merlin payload 1 IoCs

resource	yara_rule
sample	family_merlin

ModiLoader Second Stage 1 IoCs

resource	yara_rule
sample	modiloader_stage2

NetFilter payload 1 IoCs

resource	yara_rule
sample	netfilter_payload

NetWire RAT payload 1 IoCs

rat

resource	yara_rule
sample	netwire

Snake Keylogger payload 1 IoCs

resource	yara_rule
sample	family_snakekeylogger

XMRig Miner payload 1 IoCs

miner

resource	yara_rule
sample	family_xmrig