slinkyloader[.]exe | Triage

Sharing

General

Target

slinkyloader.exe
Size

17.8MB
MD5

fa1764b9b4b43de4ce51b6da0748944c
SHA1

91ae2a9b63bcc0f3194385c306e941d7b628aa33
SHA256

5cabdd6f5494bbb646f2f84ed05f7e5c999efaeba6f9beea3abe0100780137a5
SHA512

bf807ca364e3b94c4ec3d8d859d4e927d7e2b70ddf70727a0c921645474c261798d8b39554b28ab838c6c7b04aae1da6c90caeb3d9cf1a682dea2ecf5d9cac18
SSDEEP

393216:Gr+c50Fa7K39n0LHOz3tcA/YFspJfUXvakYHQFSdbhALSVQtikwtW3Jigc:oot3uLuz3tM6rfUXCkYgU/VQti/W35

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
slinkyloader.exe

Files

slinkyloader.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 17.8MB - Virtual size: 17.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ