UndericalLoaders[.]exe | Triage

Resubmissions

05-10-2024 19:08

241005-xtjpdszclr 8

05-10-2024 19:08

241005-xtc7lszclp 3

05-10-2024 19:03

241005-xqp21avbja 8

Sharing

General

Target

UndericalLoaders.exe
Size

1.5MB
MD5

fc9b7cd18124db61b71db9efd0adba5a
SHA1

f9246c86e20434217a7212c967609708089a909c
SHA256

8e6aa5798b441a19a3a26f350bdd0953e936ec0252ada8a5c6298b3ad3da11a6
SHA512

bcf6685383068a7f7907f9ad7745f86e053972c37860ef17e6ca7e92c271e154a329463455059e0964ff0c907d60b9a36a51ee1917bfc7ade2d57f61a3ddfcff
SSDEEP

24576:xPx7RNF5lddDnwjIxfqkC6RbkClc1STFZqZx9HhOEHQ1jhVmdyCl:xPxlNF5ldxYgqQRblbTfqZNpw1jhVmdJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs
Checks for missing Authenticode signature.

Processes:

resource

UndericalLoaders.exe

Files

UndericalLoaders.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\patri\source\repos\UndericalLoaders\UndericalLoaders\obj\Release\UndericalLoaders.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 106KB - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ