modiloader | 5771d79e10e40ce1272c45cbd7e27bbd7db3ea9332e1d42e3a7950a1f2dbdf9f

Sharing

Copy URL

Twitter E-mail

General

Target

5771d79e10e40ce1272c45cbd7e27bbd7db3ea9332e1d42e3a7950a1f2dbdf9f
Size

692KB
MD5

a93e709ed51db89d5032474ee3e3aafe
SHA1

5703c9977cb27c0a84b8ff5e610cd4c278c4a9f8
SHA256

5771d79e10e40ce1272c45cbd7e27bbd7db3ea9332e1d42e3a7950a1f2dbdf9f
SHA512

6fc2b582726150df58072146ee5b06cca626ba696cd491b769072c6a09480b04b0fe541ef14cc9266429cb7e564d2998c4f51fc09b558392bd0171e1bceafeac
SSDEEP

12288:5RRtGgozqi5paO0lp9USQVUSyrkA4pZ6J+v5NdTgxWaSTA1:rf2eas1USImapIwPuIaSTm

Score

10^/10

modiloader

Malware Config

Signatures

ModiLoader Second Stage 1 IoCs

resource	yara_rule
sample	modiloader_stage2

Modiloader family
modiloader

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5771d79e10e40ce1272c45cbd7e27bbd7db3ea9332e1d42e3a7950a1f2dbdf9f

Files

5771d79e10e40ce1272c45cbd7e27bbd7db3ea9332e1d42e3a7950a1f2dbdf9f
.exe windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_BYTES_REVERSED_HI

Sections

Size: 27KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 657KB - Virtual size: 660KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.spack
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

Size: 27KB - Virtual size: 28KB

Size: 512B - Virtual size: 4KB

Size: - Virtual size: 4KB

Size: 1024B - Virtual size: 4KB

Size: - Virtual size: 4KB

Size: 512B - Virtual size: 4KB

Size: - Virtual size: 4KB

.rsrc Size: 657KB - Virtual size: 660KB

Size: 512B - Virtual size: 4KB

Size: 512B - Virtual size: 4KB

Size: 512B - Virtual size: 4KB

Size: 2KB - Virtual size: 4KB

.spack Size: 1024B - Virtual size: 4KB

.rsrc
Size: 657KB - Virtual size: 660KB

.spack
Size: 1024B - Virtual size: 4KB