C:\TD-Files\TD\FiveM\Premium 3 C# Loader New - hider, new - free\obj\Release\fontdrvhost.pdb
Static task
static1
Behavioral task
behavioral1
Sample
TDLoader.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
TDLoader.exe
Resource
win10v2004-20240611-en
General
-
Target
TDLoader.exe
-
Size
903KB
-
MD5
735843a88c00cb5d1e543b8b415fedae
-
SHA1
b2a2ffeacc84ad561aeb6211cae8310e9b080fa4
-
SHA256
6cbdc7b32de7ad74f26b260a0e9c6477ac630bc4e535c7d57f5adb6147f4fc16
-
SHA512
c09f7e4cbee58253f884dbbbd731616de4b1452d47f4fcae549697d1a189a6e57b03d44d718b80f4c0abf059f8027dc518dee40fc2d9e070bc762a9ce7dc3a79
-
SSDEEP
12288:RpzYjf6ne5t4vVc5mbljYDuRm/e5t4vVc5mbljYDuRmg5t4vVc5mbljYDuRmb:DnbAmmCsbAmmCKAmmCG
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource TDLoader.exe
Files
-
TDLoader.exe.exe windows:4 windows x86 arch:x86
Password: 123
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
PDB Paths
Imports
mscoree
_CorExeMain
Sections
.text Size: 832KB - Virtual size: 831KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 70KB - Virtual size: 70KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ