Medusa Loader[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Medusa Loader.exe
Size

966KB
MD5

7aceabf737f8d6d3b2b3fc46b70dda82
SHA1

a073e6bc1fc2f93ffb87586be44b3ef36cb58011
SHA256

a47315147bf552902edca6836bf2d727df5e192edc363631f6fc5c9f3eae4824
SHA512

7b03d6bd3e1391383d9d08b3faa050580118be785a52848fed8a48e51b51984dc5f1a9d5fe2507c018e4179d31f4b4baa80a388212c7862d6711823f782c0345
SSDEEP

12288:RqTbc9gtqXS/gti/gt6R/gt7gtxgtIgmi:IkmNrMo9q

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Medusa Loader.exe

Files

Medusa Loader.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\Hiorac\Desktop\medusa loader\Gamesense Loader\obj\Release\Medusa Loader.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 848KB - Virtual size: 847KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 117KB - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ