Loader[.]exe | Triage

Resubmissions

08/03/2024, 22:02

240308-1xxxzahf91 7

08/03/2024, 21:58

240308-1vvptsgg85 7

Sharing

Copy URL Twitter E-mail

General

Target

Loader.exe
Size

319KB
MD5

0b8ffca91a45c696edebf0f6f719e2a9
SHA1

695b42f83382dd2ace8458063965f92aa2252cb7
SHA256

5c98c0044ddf6b74c6b6ffa3e6d7b04c443dfcb5cdfe1d842f4122879f36c69c
SHA512

cd22ff905dcbf1dcf75c98943ba2735613a00428fda629ce6b824ad12354a799f8ff865578aa8d43ce8defce64f3ed73a7047963b6b6ebdc264203aab101546d
SSDEEP

6144:XvTWWM9kfAouDjOvD6aYsn5oeFMTG6DkmZJGk++bWw+fpaAZCVi7HgOlGiGU:XvTxM+mmVM7HukHSfZCQ7HgAGij

Score

7^/10

vmprotect

Malware Config

Signatures

VMProtect packed file 1 IoCs

Detects executables packed with VMProtect commercial packer.

vmprotect

resource	yara_rule
sample	vmprotect

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Loader.exe

Files

Loader.exe
.exe windows:6 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

.text
Size: - Virtual size: 995KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 2.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vmp0
Size: - Virtual size: 2.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.vmp1
Size: 5.0MB - Virtual size: 5.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 224B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Resubmissions

Sharing

General

Malware Config

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Sections

.text Size: - Virtual size: 995KB

.rdata Size: - Virtual size: 2.0MB

.data Size: - Virtual size: 50KB

.pdata Size: - Virtual size: 42KB

.vmp0 Size: - Virtual size: 2.0MB

.vmp1 Size: 5.0MB - Virtual size: 5.0MB

.reloc Size: 512B - Virtual size: 224B

.rsrc Size: 512B - Virtual size: 480B

.text
Size: - Virtual size: 995KB

.rdata
Size: - Virtual size: 2.0MB

.data
Size: - Virtual size: 50KB

.pdata
Size: - Virtual size: 42KB

.vmp0
Size: - Virtual size: 2.0MB

.vmp1
Size: 5.0MB - Virtual size: 5.0MB

.reloc
Size: 512B - Virtual size: 224B

.rsrc
Size: 512B - Virtual size: 480B