CassiniDev4-console[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

CassiniDev4-console.exe
Size

140KB
MD5

6ce12b5464def3e4cbfe2ab74eb57341
SHA1

597f6494f949389949dd16cdc7e23b780b7cdb6d
SHA256

a40eb3e2468e0fc26366af787effbcb6c0bca2fefcb105863620d50740745ac9
SHA512

d814716418b2605d2a5c66be9bfd6ebddccfe1b29a12ac0b890e34aa133610b91a7c6986d1cc62b4a0375133294c83509cfc990834c6a67eda9d72706f596c91
SSDEEP

3072:lTPAFZt/o71TR+UbnF6E1ObqXf54sYrWQJSUIzC54sHO2Gx4+H:hPAnUVEmF6E1qq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
CassiniDev4-console.exe

Files

CassiniDev4-console.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 133KB - Virtual size: 133KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ