General
-
Target
genisis_loader.exe
-
Size
4.4MB
-
MD5
79bef881ce0d02d00944ebb7f7e458b8
-
SHA1
233bd6908474d2ce02f2a6b5bdbf94810d605371
-
SHA256
eda567adb38bdaff46b578d44de31c193561c33ee1f7d578dc023e92bb823227
-
SHA512
d8ab5545d89073773f1aa22b21720f24c4058900a18d4e6599c03fa03d563ad916b84d4799cd1fb825ac659b4fedc4ef373dc99d886ed4ce45e0dc646fc6290a
-
SSDEEP
98304:JrHCJg+uiGrAUjVbBLeN0ai74QmYDGDrvhWySsPJ:JrHGGr9QN0V7JDqhWdsR
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource genisis_loader.exe
Files
-
genisis_loader.exe.exe windows:6 windows x64 arch:x64
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Sections
UPX0 Size: - Virtual size: 11.2MB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 4.4MB - Virtual size: 4.4MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX2 Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE