Loader[.]dll | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Loader.dll
Size

4KB
MD5

63ab1f300fe8be4a6bf690d80b171266
SHA1

57df96e580864365baaced5582be9a89d3f012dc
SHA256

599f737e325bbebcae035f1ae58ec8e6fb28b7e2c065b59422e7fdb16cf4b7e2
SHA512

97d076b577f114b2788febc7bf0cc56ef6bd60cdf9b6f3aee490b66b7ad24d83c9e1c6f80b54efa417a7068ec17086f03ccdcfa185538ce2ced69110d6dcc41f
SSDEEP

48:6hZDiut7lm/GO40f0lWzYmUOi7qp9to9bktXHulU8ZuwunsySQI3R5swBJl8sh2X:mW40a/n7qFo9bkhu3uwun2QKZK2nzNt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Loader.dll

Files

Loader.dll
.exe windows:4 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\Hesa\Downloads\Loader\Loader\obj\x64\Release\net6.0\Loader.pdb

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ