SweetPotato[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

SweetPotato.exe
Size

904KB
MD5

512345f26a7cbc3a92cf583101f2c90d
SHA1

791901d2a43f3add356f4bafdacb607904cf2efc
SHA256

c557abd97da86563c99b925c58886f9d1dc8c0965189711940bbc83d22cf0038
SHA512

b718ac73f7cd9c936b2004ccabeb7d1af9de1649a26d87e5af26cde1b5bef23910097e799906884a95e6345da887cf1b0c1a3500b18fcfb97e10ad29283778a0
SSDEEP

24576:8dc8cY5G1FOPjWcjL8TxNYqEv0rODHZ/lpWUmJKfplz77W+JK:85cY56OaccTtsWIZ/GUm0fpB7

Score

1^/10

Malware Config

Signatures

Files

SweetPotato.exe
.exe windows x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

.text
Size: 901KB - Virtual size: 901KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ