loader[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

loader.exe
Size

172KB
MD5

202777ef7ca38626ff42d41e0aa15a44
SHA1

8e5b86e64b8c5bda5e193a0572b52620a5e19fcb
SHA256

46c5849f2b04f185490afaabadd2c4678c4c4438ab58e5aa4602fff8b09f5a58
SHA512

1a63d12498d356ff1527e1c668452da40cb19107f3b81912c87923cb422c73cc73bc67faaccc5ed511bd8df33bc3253cd8946995ebbba42f255f01ee20310853
SSDEEP

3072:K2vhC25NLM4WssRAHbGkN9wza1qob46HQM4WssRAHb9TOTbxv+I+lfkG:X5p5G4W/C7Gkt1w04W/C7Ibx5+l

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
loader.exe

Files

loader.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 169KB - Virtual size: 169KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ