FileRetriever[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

FileRetriever.exe
Size

157KB
MD5

26046cde878423be3d9a115f88b43db3
SHA1

6fbf4f43864c37b123e5fae851233c7c4b46c4f8
SHA256

790229123feaeb107ec72ff604e0ecc22a488f1de0b770e7b3d992a9ff8cec7d
SHA512

1dfa42ebb798699b6b383eb7ef17652ea14724c681af133b0ed604a76ab9aacc9199b61b977714ba1858b3d12dcea72672894aa922520899c30fb70b321aee3f
SSDEEP

3072:TCk6Jmh/N4gT9HJbhW8cpWeb1qNJ00VKNr9AMwYeRgNIGfnq9aPBAc9IKlCVBDCS:Wk6JmlN4g9JbhvcZ1ogP

Score

N/A

Malware Config

Signatures

Files

FileRetriever.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 155KB - Virtual size: 154KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ