Yeezus Loader[.]exe | Triage

Sharing

General

Target

Yeezus Loader.exe
Size

4.7MB
MD5

d19bb970af03237239b196b1db26fc3a
SHA1

a368efd4fe0ffaf6877cb0987cd642a6fa34d12e
SHA256

f4f8688879d5618a8ff85fd93b43412d7afbb4a5ffd5a7f0dc3062921aebb743
SHA512

fa037a7e81fcf1d6d43b8b5f1259961fb99b9c4b6588df24ddf0c313e74bbabb2533ed9b6bfbf9771d7eea6df9c523d4898300c3dab2370070acdc46885edb37
SSDEEP

98304:NZCK/qY/QKKjEQm+IPY/DygK5KENxU7+4tG0zKXGoU9rzFrb+:NZCKRQKWf3Ig/zKUUQj3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Yeezus Loader.exe

Files

Yeezus Loader.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

TL<vF
Size: 4.4MB - Virtual size: 4.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 264KB - Virtual size: 264KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ