MonowareLoader[.]exe | Triage

Sharing

General

Target

MonowareLoader.exe
Size

1.1MB
MD5

95e8dc5a3f72ea03b77ddd76e2a4af71
SHA1

875c406274dd79d36fd52925a930db4b067dd371
SHA256

4b13d965176ebd8366f8bfc3578d0b76f4f59a4bb6675d52679ffaf0c4656f91
SHA512

59173a5199a4d8dca3a9617274d8f8842a7a3d0cfc8eec3354eb108fcc998e7bc3082ae2a790bb8a613d8adabb1e8c79e4eeec693d0b10548bebcdef4e73718e
SSDEEP

24576:sTQcPTAcySiDNpfVkqgfPyU8/oa8reuaDQkqjVnlqud+/2P+A:U70nS4pfVkqgy6r3askqXfd+/9A

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
MonowareLoader.exe

Files

MonowareLoader.exe
.exe windows:4 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\fxzhn\RiderProjects\MonowareLoader\MonowareLoader\obj\Debug\MonowareLoader.pdb

Sections

.text
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ