Deceive[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Deceive.exe
Size

1.3MB
MD5

cff2906ee44e19de901429a0c5f0318a
SHA1

82291e72461c302667b74d6a45ff5eec48bc40b0
SHA256

bf33ffff83a2a70050bd4c7ad562b908ba10da922bde4643b9c1034b7e45234b
SHA512

466a8356d0be2ee1385f55dcf6b8952facba02195f0096c0d4418715ea9390c636e2c1cb921ae1aec5e069acfee3ea50a8e835c7607d0495e7fe5b47770662d8
SSDEEP

24576:ujjj1jWV0il9s7yHjTjCJTd08imlKfITk5BkAptcxBOqDVphkgRUpbtjhk:ujjRS+i3s7yHjTjCv08llAIIcC6BOqDi

Score

N/A

Malware Config

Signatures

Files

Deceive.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 38KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ