TS4_x64[.]exe | Triage

Submit
Reports

Overview

overview

1

Static

static

1

TS4_x64.exe

windows7-x64

1

TS4_x64.exe

windows10-2004-x64

1

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

TS4_x64.exe

Resource

win7-20230220-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

TS4_x64.exe

Resource

win10v2004-20230220-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

TS4_x64.exe
Size

32.3MB
MD5

aaff8bdc198a83328ae901af0c6012c2
SHA1

0e7dd7573385a75d3811c5ebc1150bbf5a1496e6
SHA256

233f7e4abb3038cf522710ba2e134ea12b384fc573dea755c9dd0b646827b9e5
SHA512

de2553b251c93e1451eabf1aeae41195264d271d09d33b2f4195f54e718f2a998b628e037a73463ef7f451737a762e1ce2cfad9349bddf6977c5ab778078aa86
SSDEEP

393216:sFWwL48pjbAUjSo8Z/wGH13aMvKPS6yvMsBxPszZ+L67jqJUOnebMDQmQuOiI3ZL:sFWwL4PUjZ+8zQ2jQPY

Score

1^/10

Malware Config

Signatures

Files

TS4_x64.exe
.exe windows x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Exports

Exports

AmdPowerXpressRequestHighPerformance
DSS
GetDenuvoTicketLocation
GetDenuvoTimeTicketRequest
NvOptimusEnablement
SetTelemetryTrampolineFunctions

Sections

.text
Size: 22.8MB - Virtual size: 22.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6.8MB - Virtual size: 6.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 128KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 248KB - Virtual size: 248KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ooa
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.lootbox
Size: 4KB - Virtual size: 32.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy