CG_Loader[.]exe | Triage

Sharing

General

Target

CG_Loader.exe
Size

3.7MB
MD5

376ddb3002bdde090c62b900a040437c
SHA1

97e44c84d2a12730c1ca19b6bfefbb9e11a7e8bb
SHA256

fa31734c4a27cb245c57d4ea9e68271714e10aea39a39ec849c29933cbd37e62
SHA512

669ed5461a9887e09c086146f56e2f129cad5c21699b2769231ff123af0449b10ef0888913c6bf3c4997a2038b900017a1f9aace531f8ae4b0daa54d9af57b06
SSDEEP

98304:Wxp8jKhbUiGEHmx0/cZ3uFtffOW9Ixb7JXTh:WxbhUiGWJ0EFtffA1D

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
CG_Loader.exe

Files

CG_Loader.exe
.exe windows:4 windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 3.6MB - Virtual size: 3.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 108KB - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ