Re-LoaderByR@1n[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

[email protected]
Size

1.2MB
MD5

deaf6098839b754ca07605565e7ef19f
SHA1

3b0bb35f3ef69c4404fdafcef28cc56d138016c6
SHA256

b3a292f13062966f83dc904d1a946a86240c96d14adca577be4e53879170b62b
SHA512

60166e8c6dc99784e481dc73a1973d6c79823920c947776a7e21d305a9e9577cb6a91907f075f97024b837704f689558fe266397c5551631d157bd86117eaa4f
SSDEEP

24576:wfvl4X2sym1O+HwWPkd8U554mTYJuCwDd8wCfFiqT+V2mYU5j:uCmsyUO+HwWHU554mlCcWbfFFyhT5j

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Device/HarddiskVolume7/New folder/DT.11.11.18/DT 12-1-2020/EWI -3 New language lab/New folder/Re-Loader Activator 1.6/[email protected]

Files

[email protected]
.zip

Password: S@ndb0x!2023@@
Device/HarddiskVolume7/New folder/DT.11.11.18/DT 12-1-2020/EWI -3 New language lab/New folder/Re-Loader Activator 1.6/[email protected]
.exe windows x86

Password: S@ndb0x!2023@@

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
manifest.json