TxDoomer_Loader_protected[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

TxDoomer_Loader_protected.exe
Size

1.2MB
MD5

fd3e0fddb2a2571d7c6010de90e552f9
SHA1

55cd4a8e012740dfa430dddf3245ffad383b64a2
SHA256

ab696814ce3c10f86e8ad86a8c1cbb45f9ab0ceddc336ca15bce36b2f1a87a13
SHA512

654663056ba803474dc3cee0fa07da9fc6710debb49e343b06cc558f3f60879a1c54f4f2df44069247b9565f505a4413f11c1fa72de546f0cbfe33eb5405be3d
SSDEEP

24576:jqeWJnK5cnuFa2s1kX/kbtIqgFHU0HEPJbO8dBUGKsmuzQ28HW:jjWMFXs1kX/tqUEPJbOEVd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
TxDoomer_Loader_protected.exe

Files

TxDoomer_Loader_protected.exe
.exe windows:4 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

Size: 25KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 103KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 174KB - Virtual size: 2.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text2
Size: 916KB - Virtual size: 920KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE