Loaderdnd[.]zip

Sharing

Copy URL

Twitter E-mail

General

Target

Loaderdnd.zip
Size

11.8MB
MD5

79ba17d9b9d66536a253cbefccb27323
SHA1

efc458af0ff75dde89f7c008c3402da7964f72c5
SHA256

e0858a95e748d96789bb15229e788edeb875ff23cde24ecf769d46a9dd5def61
SHA512

44ce577f3ebf2f085cb0387cfe0d1bdb31a1ecd9b2b824247b64350825ad258d1827e4043b3bc13db140818ce0fd57d22c140b9a97354b2268376f99ee932ae2
SSDEEP

196608:T5z/AR30zyMnHK/c+uPnNKErAeHFb1BiFPPvGXZdmkFwzb0iN1MlQbut+KPkVMQq:dLAiyMHMOnNKeAeBOXGX7mAwMiN1StlB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Loader(dnd)/Loader.exe

Files

Loaderdnd.zip
.zip
Loader(dnd)/Loader.exe
.exe windows:6 windows x64 arch:x64

60672d5fb3e997f1c5e4b50324dcf84b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

WriteFile

user32

IsWindow

advapi32

OpenServiceA

shell32

SHGetFolderPathA

ws2_32

getaddrinfo

vcruntime140

memset

api-ms-win-crt-stdio-l1-1-0

__acrt_iob_func

api-ms-win-crt-string-l1-1-0

strcat

api-ms-win-crt-heap-l1-1-0

_set_new_mode

api-ms-win-crt-runtime-l1-1-0

exit

api-ms-win-crt-math-l1-1-0

__setusermatherr

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

Sections

.text
Size: - Virtual size: 109KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.|JJ
Size: - Virtual size: 8.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.G[~
Size: 512B - Virtual size: 240B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.>a;
Size: 13.1MB - Virtual size: 13.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 252B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Read1.txt
setup.txt

Sharing

General

Malware Config

Signatures

Files

60672d5fb3e997f1c5e4b50324dcf84b

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ws2_32

vcruntime140

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-locale-l1-1-0

Sections

.text Size: - Virtual size: 109KB

.rdata Size: - Virtual size: 8KB

.data Size: - Virtual size: 27KB

.pdata Size: - Virtual size: 2KB

.|JJ Size: - Virtual size: 8.2MB

.G[~ Size: 512B - Virtual size: 240B

.>a; Size: 13.1MB - Virtual size: 13.1MB

.reloc Size: 512B - Virtual size: 252B

.text
Size: - Virtual size: 109KB

.rdata
Size: - Virtual size: 8KB

.data
Size: - Virtual size: 27KB

.pdata
Size: - Virtual size: 2KB

.|JJ
Size: - Virtual size: 8.2MB

.G[~
Size: 512B - Virtual size: 240B

.>a;
Size: 13.1MB - Virtual size: 13.1MB

.reloc
Size: 512B - Virtual size: 252B