AstarothSpammer[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

AstarothSpammer.exe
Size

591KB
MD5

35521d550e39cd87ab50f0bbffc98492
SHA1

ae74000255fb3edc6ec597ce849777cf736046f0
SHA256

a263dfce21e66a3f98ae9b7e7f04cb3973ac0f1554bf07f2392cf189187d54ba
SHA512

6e456bd9de6a8e95347f47fc9490cda485777189ed476c673e8f22171ee6d5efa87f08a4cda11fd201d97e57df4128fa3ce6acc9b9b411a8836eb3be3dc4bd6b
SSDEEP

12288:Zgrt/osBpOM57LzNA2FM+kQiBAKMBUVfBfEI2FM0kQiB:IfvNA2F4QnKMKBfEI2FqQ

Score

N/A

Malware Config

Signatures

Files

AstarothSpammer.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 460KB - Virtual size: 459KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 130KB - Virtual size: 130KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ