TODOSE[.]exe | Triage

Sharing

General

Target

TODOSE.exe
Size

548.0MB
MD5

895f66700e7dbfe85e4863b651a54936
SHA1

48d4bdc043a2dca396aeb9e807cc34610ac92e37
SHA256

62e3f72bc0079451bb96d39b90668270febc34f50d2c4f2c5d4dbe4d69121d4a
SHA512

b11ef0a6488d3aa719be13744e96dc9a3872a72ea3b21d6f19103ba10b6a90998a8e2af65877431c9ede154146cd3996f56dc2d0fb85058ad84a7a17a510d96c
SSDEEP

12288:Ck7o5ERwPpv9plzKc4VVRxAXjrISCWMcaTNnaM8H41VQJ:Ck7o5HtTlnAVR0jrIJWOJnaMC41Vy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
TODOSE.exe

Files

TODOSE.exe
.exe windows:4 windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 516KB - Virtual size: 516KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ