TrueStoryMS[.]exe | Triage

Sharing

General

Target

TrueStoryMS.exe
Size

9.5MB
MD5

3e2d217904e447c947c8599db0e3cc35
SHA1

7f64a6900ec75e7be80834b4da382922c94b76a2
SHA256

7b4f05dc4759b816e0467d4b8f22b63d529e32e23afbbb5a13e5af7f17bf8b08
SHA512

e19abf0ab73cbadd9682cd63e16eef24d5df268a4fcd3ce2901a2c6238821d0c42981e125a521468916cd15dd5d1b539c17924e96bd4f8fcd82facd88829be4b
SSDEEP

98304:vMeDRBamHwHrDtBLSdOstjwa2ge/z/R6yLgNDmkRNSoQBrkqWews7MFGO:+mQHr8ea2XV6eEBR3QB4qWen7TO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
TrueStoryMS.exe

Files

TrueStoryMS.exe
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

Size: 8.0MB - Virtual size: 8.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 125KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 1.3MB - Virtual size: 2.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.mackt
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 4KB - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE