New Yeezus_Loader[.]rar | Triage

Sharing

Copy URL Twitter E-mail

General

Target

New Yeezus_Loader.rar
Size

4.4MB
MD5

044b77fcae3e20da2af0c10b84e4d394
SHA1

b811300a34d77a8844352900b40e186a94c1c467
SHA256

944b8239c4ab7b5062f17cc94211fbb6a6ec49268f9eccea42ebcc06735a634e
SHA512

a69666bf662eacc91b2804184ba4dd95d93fcc7c188f5598bba61a6d264e8c81e9ef2f61f9148b2fe431aab87fa3efad6f7a302d95fc9228c827bea57cf90cbf
SSDEEP

98304:l1MbEc49jsoBk9M+jU0FVsdLMVIiM+LRKfBJ7QBcC:bMwF1Bk3U0FVcoVIARKkp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Yeezus Loader.exe

Files

New Yeezus_Loader.rar
.rar
Yeezus Loader.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

TL<vF
Size: 4.4MB - Virtual size: 4.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 264KB - Virtual size: 264KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ