ass[.]exe | Triage

Sharing

General

Target

ass.exe
Size

595KB
MD5

e8e5dae88d309021cc5c3ee7f8da1673
SHA1

d1ef6f4cbac93722246082f71f14a2abbcfa4e1c
SHA256

c57b5af5b26c62b070b1345cfbb63d27b72ec4283f68cdcb80bd791cdd62a4af
SHA512

e49f83f12abaa5249dcd326c8cbc8cc1b2d3b51a32a4a4b8227109f5e635a3be23a40623acb9e9b4cc5b21ec731239d9dab096c32f9bbfa0cdcafd91f5bcfe68
SSDEEP

12288:0ql9vBpIjqGMzsEXAxARIRiRbmAY/6mC:0kpf7HXAxAMvymC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ass.exe

Files

ass.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 228KB - Virtual size: 227KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 366KB - Virtual size: 366KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ