Telemetry[.]exe | Triage

Sharing

General

Target

Telemetry.exe
Size

81KB
MD5

2d9777a0e299315b23d08955389154ed
SHA1

847c948940073a2da39620763dc53b66f20e4e2c
SHA256

d7a308da069dcf3990f4cbfe57b8a1cc79c5f6b1259da795bba61592b8cf4b08
SHA512

f7ccd2691e4c074a4ffa74e5708c5f0cae97ed54fe074754a66ca3f118dc99881e4ce943caf4838aebbfbc3df968e969fdb1400eab0cf6ce490810c6c3eda5b8
SSDEEP

1536:g3i9pdswXtBVBBM4Jl/J4CIR9u5MwOXT6CaSs0OkoLm5AS:wwZzBMgz0nuvOXT6PSstfS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Telemetry.exe

Files

Telemetry.exe
.exe windows:4 windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 79KB - Virtual size: 78KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ