NixiusLoader[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NixiusLoader.exe
Size

1.6MB
MD5

636fd53fff9d25c36ddd8bc6d573764c
SHA1

094dbb353f9e5c11480ee5e7a31891b2ed288149
SHA256

60358c352891832fa8afab6838d074e6b713f69ee53732934a46825efb1d9afb
SHA512

ece11c6320d5d911b494cf5e49208f882cbb0a6e3e3ded75dad6cadd15cfcac231238c11f78f5670e1800ef44e84e0bb5c7a42c94e1c3ad12fb4ab9ec22b4a0e
SSDEEP

24576:6k2yFOqc6x8e9T5dN+pZIELCRbuO/2Y5TR+u8h5Qj7xaixFZBh5Qj7xaixFZ:6y3c6x8ET5daZ5LUbuOeY5R

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NixiusLoader.exe

Files

NixiusLoader.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

!Sugar
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

!Sugar
Size: 1024B - Virtual size: 1012B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

!Sugar
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

!Sugar
Size: 179KB - Virtual size: 179KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ