Loader[.]exe | Triage

Sharing

General

Target

Loader.exe
Size

20KB
MD5

122c8e5c264c357e3fe73b72e5f21bb8
SHA1

a8ca42a38ebaa42fba9921e6d4b81089f5bf5602
SHA256

f0162e920bcd8f86cde4d211edafbf9f268c6a966ac8566537836eded4c77c85
SHA512

ba1c5db5465ed59779ae50d3327c8437e4696ace9d76afcc841f21d6db96fa11c779151b19175c55b9b50deb9e7f3f0a57766dd4a336fb608f18c3df885a8b49
SSDEEP

384:4MinaHaryST6VpmE0RXSWaWUO4oRFcW049USVo4jPjJl9N/yHG:4MiCar6Vc5RXAWUO42FcWF9UyVN/ym

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Loader.exe

Files

Loader.exe
.exe windows:6 windows x64 arch:x64

Password: infected

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

Size: - Virtual size: 40KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 17KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE