DesignerPro_Loader[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

DesignerPro_Loader.exe
Size

64KB
MD5

89ce0b44cc9f0467e65c47ce59930601
SHA1

9cfd1f734f144e53c8451eb466af2d5700f51177
SHA256

7801870f7d4432af2387cfb3c089bf24a492ddab008197531fe8feacf4539a11
SHA512

8b755fd7e3a5840e2df5b1e5432308a31e2f9b1e3c40f850539edab6622c45d3c248b8b01ba31d0f4310d847b784cc39479ccf2c4d74386c9b5b0b06fa5b1047
SSDEEP

1536:LS66m5uer0PphYZISYEKeFQMYtAUTkzbWOuG0:LS66xhY3YJeRYtAUTk/WO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
DesignerPro_Loader.exe

Files

DesignerPro_Loader.exe
.exe windows:5 windows x64 arch:x64

1ecf6b89fcca9155f09762161b0e68b6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

shell32

SHGetPathFromIDListW

psapi

GetMappedFileNameA

ole32

CoTaskMemFree

version

VerQueryValueW

user32

LoadIconW

oleaut32

SysFreeString

advapi32

FreeSid

gdi32

SaveDC

ntdll

NtQueryInformationProcess

Exports

Exports

__dbk_fcall_wrapper
dbkFCallWrapperAddr

Sections

.MPRESS1
Size: 53KB - Virtual size: 248KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE