SafetyLoader[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

SafetyLoader.exe
Size

90KB
MD5

b1a637ec4ced9a14f6fe1407c332caa0
SHA1

8d6833e35a3d08bcb12e007614afdd5fb5e36b0b
SHA256

1d021df1d5808369f4c72d231fcb48b86cb7c74c988b0ec51551fedf441aba57
SHA512

5d2523579af2271ac276c9e471c220d9cf3f48645432d9b5c1f339092067840bfb19e4aad9f00620863a5df2e420263c2c2a0878d16d2ebaa606eea2fa1918a9
SSDEEP

768:qfJbzlYP55YUC/rDM+/EiSOfxoMYLn9sLwkj+CcJBd8d8hmo6pmDBEdHtYcFtVcl:YBYh5Jo/8CEn9G+NJr8dA9SEKftVcl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
SafetyLoader.exe

Files

SafetyLoader.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 85KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ