Xloader[.]exe | Triage

Sharing

General

Target

Xloader.exe
Size

340KB
MD5

cc5ca29d68bc56ad45d9363edebd7400
SHA1

ef03bbe4341a9af0e2b2122764afe3b3a00ac693
SHA256

a44a2548e7d6e26d79b619e834bf09d1c7ea4e4ad1a66b93472dd97a33e93752
SHA512

f8babed8afe98f21657c42651a19c58d6e574bc6314734b8328a68ba8553d29cbd8660f980bf594509188a08c6bd291a3488809af6cc81a29e6b32a5951b273f
SSDEEP

6144:E3EBCs/lJWYxmMe6VlWT8b9r2ROf1MnkFs8A7Zb6t8cub2DCB:EFsVPPVle8BsuA7Yt6b/B

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Xloader.exe

Files

Xloader.exe
.exe windows:4 windows x86 arch:x86

Password: 1

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 337KB - Virtual size: 337KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ