Assassin DupX[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Assassin DupX.exe
Size

24.5MB
MD5

e3ca17872bf3fc2c5a6680426bab7fa6
SHA1

ba2be609501c8c3aa3748afeab8a64e88463d319
SHA256

d5a166e49fd2fe6aa8cf051048d40ecfadd9d0bfc846ce57a8a3967fde466e40
SHA512

04d94cc478727a51400851660f084af40cc173e6fc8eacfaa7c8e69ef8b4550891cc600e6be063efe6fcf7fb76354da2c6d02c66692038584835cb0a0296d275
SSDEEP

393216:09dQumrAZYCuPJOIegCZAlwlqyukB7/m3pOusy4ppt25rUHDc/:EdQuvJuxtzCWlwlqyuoKdutcUjc/

Score

3^/10

pyinstaller

Malware Config

Signatures

Detects Pyinstaller 1 IoCs

resource	yara_rule
sample	pyinstaller

Files

Assassin DupX.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 24.2MB - Virtual size: 24.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 268KB - Virtual size: 264KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ