Mars Loading[.]exe | Triage

Sharing

General

Target

Mars Loading.exe
Size

1.2MB
MD5

fff537a0b93c8510ea29556d097e2ca9
SHA1

28ecbf242b4d4ccb998ce8ec895499aceffb560e
SHA256

b747c3e6213155b74a6debf650f4df294306cb560903e57e8fd959cfce9292a1
SHA512

4fcaa6c09c7ad0f3d106b513b5dcd720127c40e1b66d00a6cc7afe2878e0ce623b28904b919c4ab4f69c9db5e51d61ca683b7a4a32d7fe99f45a14c9d4e1ffe6
SSDEEP

24576:ux+0DUuYBKT96MfqKFuDfIvL6X6fIvL6X:O/+KT/C6Cai6ai

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Mars Loading.exe

Files

Mars Loading.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\quiv\Desktop\Mars Loading\Mars Loading\obj\Release\Mars Loading.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ