C:\Users\Mes\Downloads\Telegram Desktop\Test1\double-loader-anti-vm\ConsoleApp1\obj\Release\loader.pdb
Static task
static1
General
Target: loader.exe
Size: 18KB
MD5: 95aa0d45e0075814dcb862abaa9a25b9
SHA1: ad61166439e97b5be433098fbb7934a29e2957f2
SHA256: 447faa4df06bd8046ff566e45e6b4c08820c6fcae9c9e2cfb342d06f4f27628a
SHA512: 330aeca1243ae0103f6d3add8423669c0360a6d81bd71baa34d9ceb0d513b59a9a762585eb9451fe57814f839d35affe997cceefe90902711ffe19ac2a5dd591
SSDEEP: 384:rzusfsxsl/968bjxzUebfFSvs0b0FLhJSi4zwn8Ab+CFLkEV6d:r6c+viSbbSSY8Ai44EO
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource loader.exe
Files
loader.exe.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
PDB Paths
Imports
mscoree
_CorExeMain
Sections
.text Size: 16KB - Virtual size: 15KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ