Garbage Cleaner[.]exe | Triage

Sharing

General

Target

Garbage Cleaner.exe
Size

258KB
MD5

b819641b4818ce08cc69e5c127637b5a
SHA1

e52fb652864a793165322534fb5d474986cff9ac
SHA256

a949ca53015528c813ea9f68c444201905f9bb129f2bc44ee2434b1ff5ae4966
SHA512

0eeda81bd0b6b7397e88b34bdea5a28356ed4881727e3da8b92c56f71e84e90041fa49235815fb90099dbc8482f53d8e384da7b85f86cad35b9eb0647cf0704b
SSDEEP

6144:m/083RqCJbIiZnLIO0+XSJxK7ANPEyDF45Cim77afM:0JECy6n8+XSJxK7cP3a4AM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
unpack001/Device/HarddiskVolume4/ProgramData/Garbage Cleaner/Garbage Cleaner.exe

Files

Garbage Cleaner.exe
.zip

Password: S@ndb0x!2023@@
Device/HarddiskVolume4/ProgramData/Garbage Cleaner/Garbage Cleaner.exe
.exe windows x86

Password: S@ndb0x!2023@@

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 338KB - Virtual size: 338KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
manifest.json