SVGC Loader[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

SVGC Loader.exe
Size

564KB
MD5

f8d410edb009ff57daded9b85ec59f56
SHA1

a6b3ba96be85cd443975b339bcdbc54436772326
SHA256

f91f9811340d5320b58b76db21bc58e11bb4ab180feea6967d85559b830a54c0
SHA512

e7d50354eb6050d937fa778fc789e35a0f929557141e86879a3a9d2d50c92a7d0684bc282d6d19c5b542789ba9fe375e7fc95886122757e8c0512bbdc28b06fb
SSDEEP

12288:DJfhNaJPfw+OmkQ1jyLe7d111ep+U79oLX80Ndr2WV5CIIavNwiCn:Dp+Z4+4e7R1Y+nLR31SIIYNcn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
SVGC Loader.exe

Files

SVGC Loader.exe
.exe windows:6 windows x64 arch:x64

4b5388212d4ceb55c842e81cd9edbaf7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

advapi32

GetUserNameW

kernel32

GetModuleHandleA

shell32

DragFinish

user32

GetDC

Sections

.pdata
Size: - Virtual size: 382KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pexe
Size: - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 848B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pexe
Size: 143KB - Virtual size: 142KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE