Re-Loader[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Re-Loader.exe
Size

1.8MB
MD5

e20c29c40d33434e9054dfde933f54d6
SHA1

8214cf3808c45150cccad5eb12ff74f3393d316a
SHA256

e3e8020add3e306307ecdf6f83900ef411f08241e332faeff555ba8b2003cbf4
SHA512

a6f2a1a385908dae53189e1866fd102a142c860b60db595695c9c502948f315679afc402203181807d065ce4c9febf74cdbe6d58fcef63080370fad566b619c3
SSDEEP

49152:Q8N+Mjf5BjhkpgctSkEbcFpRgziYv8aSN:Q8s6f5bkSctWc8/0aSN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Re-Loader.exe

Files

Re-Loader.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ