Loader[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Loader.exe
Size

5.3MB
MD5

45d974f18c7f1bb2ef413dc8104b70ef
SHA1

d2d0f8413d71bd7e9e30764eb6e1c5db0b14649b
SHA256

e5196966c73d6186a98ebed7758dd4e0cf50f1382bd57466388bd2aabdf6622f
SHA512

6953d7819a1572fa3cb2207c6644706d464263e45021019bbd00012113330e300c3e1779ec78ed3e762a6c51c4abbf2a292a7c81cf72a26243612a8c71983ed5
SSDEEP

98304:StVnhBEB+1r2o6gNhVRwfBmDDI2Jo2C+qRkHbIrjMW94z9OUj:StVhBl1Co6gRRwfBek2JFkkOYW94

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Loader.exe

Files

Loader.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 5.3MB - Virtual size: 5.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ