VillainPID[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

VillainPID.exe
Size

3.5MB
MD5

0d5c4a561bc70c17c6b2a9991aa88522
SHA1

06aae9edae92898ee08a29985569a46f75f4a506
SHA256

c255dff55c0c916bc5da5914138cef5d5aea0b0d1fdfff0f562c32b6db407890
SHA512

ffc6832b7f6d3dbd86bfefe05ccc324b49e5f8ff87b8cb402cdaa19c920188bc57260aa0e678ff6754e651ca976d8091cb4611b6a78d1ea31c15cfbe0239ee21
SSDEEP

24576:YTrReD1gcJTi2wZPeA/CvOvoo/R265twyiG0sZbDk0Z5U:YTVeD1gQTi2YPeAavOvooM8tw20

Score

N/A

Malware Config

Signatures

Files

VillainPID.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 3.5MB - Virtual size: 3.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 145B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 49KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ