Loader[.]exe | Triage

Sharing

General

Target

Loader.exe
Size

3.2MB
MD5

0a4c593507a31d3f4253df9acfb18685
SHA1

03d6f7fc3bea683c115125e9693c31988502910a
SHA256

e5dd8734559a07856c50fdbad7c49ecb14c5d2cf615e096d35abbea0442e3c8f
SHA512

5cfbfb39a9bfe0d46cc551863c5049c9aa8352c24ffaa8cd5b52e227dee88006610c5bb58b3bc49f6fedfbb7fe996a0a3c9b2d6bf31f770569d456984455628b
SSDEEP

98304:0Do8NHCp5zjlB5FR545qF90ix9OtPnoplk2n:0h0FjlBt5nx85gk2n

Score

5^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs
Detects executables packed with UPX/modified UPX open source packer.
upx

Processes:

resource yara_rule

sample upx
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.

Processes:

resource

Loader.exe

Files

Loader.exe
.exe windows:6 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

UPX0
Size: - Virtual size: 7.1MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 3.2MB - Virtual size: 3.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE