Telegram[.]Stub[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Telegram.Stub.exe
Size

767KB
MD5

2a44d4c6096e74723c78cec50ee76bbd
SHA1

b4d7c798a9fe822c68c11cc9e83961b99e509afc
SHA256

b2296934b6f7c43d749e83109272855c804129f0b63f37aac1944997de23baca
SHA512

763a9098cdd99784b870cd88cd7c6c204ad0a3ad6efdde7f8ca6dd5d02b15686e43e2831ed4bad4da29702cd8f7fc3a718d2eb3d3e56c26ecf816236132f8f2b
SSDEEP

768:hjUX348QBOb9tN6AF9fQ3WH2P4tMNVBP8dH2VBUtcSX+kH2VitrtR56/tYcFmVRl:hj/83bnN649fN28MaB2IKW2Y96nmVRl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Telegram.Stub.exe

Files

Telegram.Stub.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 762KB - Virtual size: 761KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ