Loader[.]exe | Triage

Sharing

General

Target

Loader.exe
Size

8.9MB
MD5

6b5ed278f7729e939ee2865209d7f10c
SHA1

3e66f93a3115fa0d713bb95cc12b4f09379d02ec
SHA256

9b982c24d1cb269ae77e6c2b06060861326b64a3c1023a01a7626a7f9e8b3ff9
SHA512

68c7315afb56dd0a71453b8e096d0c978a3ea2ffd33bc33a978706ee60f7a2f5e9ee30d5a2c1d8cefb4f9675cf7a08600ef601bf63b410ca88e4eea961d79c7a
SSDEEP

196608:sivgAsqpQRfDbkGh4Nu657ijBHYbKYODdk5W:R2UQnB9vdE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Loader.exe

Files

Loader.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 8.9MB - Virtual size: 8.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ