loader[.]exe | Triage

Sharing

General

Target

loader.exe
Size

1.4MB
MD5

ddd2d7084c7b2f571b66d6ea4c984922
SHA1

e2c31e7280a67bd0e1d5e0fc6d4e6404ab921fd9
SHA256

353980f41fa3eb2aa0170414eacddf31afd3f1a610d3c19a4df66c80406c4c1c
SHA512

61af43a71b2e7a33513f512ce514d02b59d739a2d1583fab25204083fb6ed478855bbd40d59c3dd6a6bdbb8e8f5e36b682ae2387443e43164a3b1fd5dcbedcab
SSDEEP

24576:trQIaZGHZuMZQx/OkmuRgsOK1pf/OGQdfzNAtI:trDSGHQMZQx/OkmuRgsOK1pf/OGQdfzH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
loader.exe

Files

loader.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ