Static task
static1
General
Target: SytheticalLoader.exe
Size: 2.3MB
MD5: 9a031c94cd524556a743c22717ef1566
SHA1: 493bf50ce3a9b397b54cd7b8e5c8ec30d11bcecc
SHA256: b8c05c7c8fbcfc749a8ec7f68153d83f047af147e1be47f5750b9c071bdf5705
SHA512: b6e1f27fb8603eda7cc5afca5101943e1fe892d8360011ccec244b9410b70be3ef19b5e8c512568cab22ecaeb8db969b3bf6d82c971290fd727d85d6f961b4b0
SSDEEP: 49152:ykqXfd+/9AWNpCVyThMzxGpSD1uNBmAIW32cX0Q9sWZ+z4xAX9hD7Gtq5:ykqXf0FRNY42GIDwzmG3pX01rd7mq
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource SytheticalLoader.exe
Files
SytheticalLoader.exe.exe windows:4 windows x64 arch:x64
Password: 6ZR6-AY00-EFSR-LRBL
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Sections
.text Size: 2.3MB - Virtual size: 2.3MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ