TDLoader[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

TDLoader.exe
Size

745KB
MD5

79baca5c48b046a2ee38ffe342a2aef3
SHA1

cbc1d44c5a45e82dfce7304511a0949c22233dc2
SHA256

6f6e0230b088317ecafe55a13d484e850d0943a7ba371be442e355a37a09d38d
SHA512

1b7359ffa62a269ab4722adc6f0db8f5b2436cae498b06ccde653759f730ea024acc2f1f10cffe5f020211ba6c22a730ad96d053fb9a2465ca7f5b3e853d3bc1
SSDEEP

12288:rQoTTzQ5t4vVc5mbljYDuRmhQ5t4vVc5mbljYDuRmo5t4vVc5mbljYDuRm4:XzBAmmCABAmmCKAmmCN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
TDLoader.exe

Files

TDLoader.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\TD-Files\Free External C# Loader New\obj\Release\TDLoader23.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 740KB - Virtual size: 739KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ