CG_Loader[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

CG_Loader.exe
Size

4.3MB
MD5

c25c2a6060a71bd7707444a6f6474250
SHA1

ce8bae5c3c5cfda3b3136644abce36c14ca5acde
SHA256

91b99f2ebbabad81a8804730e9671329bd79d4b5ccbbb22c4da2eb365da2c68c
SHA512

1c79d92c755faff11cbb89281e49ebfbb90c86b3b7101bbf6c5c6d5349a8daa281d3e6432306d752e84a73b4a20286f763500e68100194e9e1a90edcec8b4ac4
SSDEEP

49152:lQgouwpmfwnrF8OB6kC1C8EDoXACGVi9BXrySUWTOGyMjvLUKo+Oc:lQ9u+nRVr28DcAZ0BXr3XTTvLUKov

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
CG_Loader.exe

Files

CG_Loader.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 4.2MB - Virtual size: 4.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 108KB - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ