ngrok[.]MCS[.]exe | Triage

Submit
Reports

Overview

overview

3

Static

static

1

ngrok.MCS.exe

windows10-2004-x64

3

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

ngrok.MCS.exe

Resource

win10v2004-20230220-en

windows10-2004-x64

2 signatures

300 seconds

General

Target

ngrok.MCS.exe
Size

57KB
MD5

0254467fa3dec7c925b108e4cb92efb8
SHA1

0c214218b92b6e7f9870cda5864b9847f106bb26
SHA256

629758849e6e5b67b8d661cce6e81eef451e2bfdf97afa5fde6572de8000f33f
SHA512

4f081a6ad81ee5aee1ea3337538c3c5040591a7c01d608cb41600a897f377d04905c18048fe76e3a1e64f425d78b08a270f9fcd3b90483fadb4a5f12d82815c7
SSDEEP

1536:ka8esNvSVph7fwSHQ2tm1+CkUzhPR9IlYlu89E/y1aLKa:kaDh7f3ptm8kmliu8JMua

Score

1^/10

Malware Config

Signatures

Files

ngrok.MCS.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy