Medusa Loader[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Medusa Loader.exe
Size

849KB
MD5

d7aeaeceee74ef608cb00b86f10d8703
SHA1

c0ccd53cc0a7ccdd754c8136b08de355b8f1929c
SHA256

7a7bdd97e24b00b2ca359c51a0b7449ecbca2ac38bbf15fafe65b32b99906b0f
SHA512

0f7a5989d618b75cbf91bf39664a3f7497f382702ae3c8004954e81a22bcf375fe0a7939cd939fa5aaac849e173a5f1361e78721fbc442b5f27e1a0956cd20df
SSDEEP

6144:C6ITB8Itt2Cs1vEs+r5qzzS3vEs+r5i3vEs+r5fR3vEs+r55IvEs+r5+vEs+8519:C6I69gtqXS/gti/gtfR/gtggt0gsL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Medusa Loader.exe

Files

Medusa Loader.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\Hiorac\Desktop\medusa loader\Gamesense Loader\obj\Release\Medusa Loader.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 731KB - Virtual size: 731KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 117KB - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ