Colossal_Loader[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Colossal_Loader.exe
Size

13.8MB
MD5

933c849849ca0c7252feee15a75a04fc
SHA1

b5a50be3529ebf26485fa1f6589541b28a0d8e30
SHA256

6d205c516efd8f82bdffcd5c11437c132e4f38759ffdadabb11cf4cf6545a4cc
SHA512

40bf2a84ca2c332c37fef161b2dd8b439ec8df318875cf7c10eb0e635f35f025ebf1e2dc304b690a8ca93a48bca9c7335dd4b23a96a2b68af215cd364ec07f09
SSDEEP

393216:CLPveL5SJze5v5GYr23199Yk683VA53N:CLPveLAJze5v5GYr0T683VAj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Colossal_Loader.exe

Files

Colossal_Loader.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 11.9MB - Virtual size: 11.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 96KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

!Sugar
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ