hqOsu[.]Loader[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

hqOsu.Loader.exe
Size

27KB
MD5

41b5e08ae18d2d41e110f88708161e7a
SHA1

b7b2cb078af985e29ebd19aedaff70cd0dc900fb
SHA256

a8b64cc1d206eafd6c3ec0dc11b56eaa200ed18b87efe9a63b9cbcbe02beba0d
SHA512

891b7465364fcc790abbd2850a0e9ecad3b43f6dfb516a5b7d94d10f3958283dbb52a923f988fb3b33b572cffdcc2ff98e272b19980bcf3e5038001c58457b18
SSDEEP

384:6DT6cYIW4sH+aYmani6geB6dEMqufuf10aNkn2ekOIPghn+eT:6DdvK+e2RBWZRaTe+s+i

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
hqOsu.Loader.exe

Files

hqOsu.Loader.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

P:\hq-osu-rc\hqOsu.Loader\obj\x86\Release\hqOsu.Loader.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ