TDU1k[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

TDU1k.exe
Size

44KB
MD5

94ac52bdc0d9192914e5a60cbde751aa
SHA1

7d71cbc1a0bc7864f826020cb042ad611f7b23c3
SHA256

c339f14d7980375e12b92e501e612e0102d2d0ba34e0d21200130d335e703602
SHA512

7fee57fcc7b6927f034da82dccf044b029816b9175ee704961e8567ba5b2b329671abf2aa18cb001bc5af18678d467ab70449a56947817b48ee42d61a7198f31
SSDEEP

768:swbYnNcMTmil8e/IyvWnekbCKQ1v/Gr4mTYGUahXhrWP8NlQiUPOsTi+:sw8n1cAIyvWLOK2v/deZRa8NlQ/OsH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
TDU1k.exe

Files

TDU1k.exe
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.theta
Size: - Virtual size: 1008KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.iota
Size: 19KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE