modiloader | ec85f4520e8ec91b5e30d7ad6f102b336ab8a9d70c6373e01558b61f9bc59826

Sharing

Copy URL

Twitter E-mail

General

Target

ec85f4520e8ec91b5e30d7ad6f102b336ab8a9d70c6373e01558b61f9bc59826
Size

692KB
MD5

b64b1e63547843deede385c2cf59ad6a
SHA1

d64d6b01e55f0a77c61aa3c7a42c4ecf2d4469c3
SHA256

ec85f4520e8ec91b5e30d7ad6f102b336ab8a9d70c6373e01558b61f9bc59826
SHA512

365080074ffa12e043dad961f4f1b815f355423a5e2ecc6ae15579369509137d7f07e7039a29bb9c50ab4f650eacc7cebc42a9c0265a25c8cf74719bf43cc6d1
SSDEEP

12288:ZRRtGgozqi5paO0lp9USQVUSyrkA4pZ6J+v5NdTgxWaSTA1:Lf2eas1USImapIwPuIaSTm

Score

10^/10

modiloader

Malware Config

Signatures

ModiLoader Second Stage 1 IoCs

resource	yara_rule
sample	modiloader_stage2

Modiloader family
modiloader

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ec85f4520e8ec91b5e30d7ad6f102b336ab8a9d70c6373e01558b61f9bc59826

Files

ec85f4520e8ec91b5e30d7ad6f102b336ab8a9d70c6373e01558b61f9bc59826
.exe windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_BYTES_REVERSED_HI

Sections

Size: 27KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 657KB - Virtual size: 660KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.spack
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

Size: 27KB - Virtual size: 28KB

Size: 512B - Virtual size: 4KB

Size: - Virtual size: 4KB

Size: 1024B - Virtual size: 4KB

Size: - Virtual size: 4KB

Size: 512B - Virtual size: 4KB

Size: - Virtual size: 4KB

.rsrc Size: 657KB - Virtual size: 660KB

Size: 512B - Virtual size: 4KB

Size: 512B - Virtual size: 4KB

Size: 512B - Virtual size: 4KB

Size: 2KB - Virtual size: 4KB

.spack Size: 1024B - Virtual size: 4KB

.rsrc
Size: 657KB - Virtual size: 660KB

.spack
Size: 1024B - Virtual size: 4KB