General
Target
loadermain.exe
Size
146KB
MD5
b10b7412521eef4e650b401be020d6ae
SHA1
b933efe72da53ae34623dfc4c8402f355ebdf97c
SHA256
7aa23742e590f27e0d74aec95b8f3535f96e2ff11dcc4688b0115811376aa786
SHA512
abf50bafe9c012441c7a87ee1ed9557cd5575c6a5afe98593099ee046b36af696eb0435b590f182d21128030ce7e3eb9a645d01ea670ffc7785949d529b96d58
SSDEEP
3072:2fTD+he/t4IKjJN4OI1uGxOt/cgQXlK1bryNln8REPmdpzlV4Uhp899ibout:yuhjIKs98t/XSYbCs9j4X0boS
Malware Config
Signatures
Processes:
resource: sample
yara_rule: upx
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource: loadermain.exe
Files
loadermain.exe.exe windows x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 508KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 143KB - Virtual size: 144KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE