sp-4[.]5-EfsRpc-fody-latest[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

sp-4.5-EfsRpc-fody-latest.exe
Size

1011KB
MD5

3d69abbacc5d769789141a2323ec7841
SHA1

22e9fc395d2d13c278bc0f436611e1246f8bab10
SHA256

6856c5a93a4c241958a085e3651abcf334f1242a9b3b0bc23fc1852db674420e
SHA512

4b86ce153cc8eed61d6f1c294d3425ab1c1f102e814e91141153188621598747ad2e460c8cd02497e8a70bcc471fbf587ca63815b2f9d9c064d71cba23cd984b
SSDEEP

24576:F2BWLJjKV36KVo64UgcdRbh3N9pGFspeYnqqtv:FtLJjKl7VP4LcLbh3NKFkJn

Score

1^/10

Malware Config

Signatures

Files

sp-4.5-EfsRpc-fody-latest.exe
.exe windows x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

.text
Size: 1008KB - Virtual size: 1007KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ