SharpHound[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

SharpHound.exe
Size

707KB
MD5

83113a00b60c15163c837972e6f3aaa9
SHA1

806bf7a15764cce98382ac1bbfa687fc1e1f8edc
SHA256

8b5ccbc861d0a95ad8cabf6b3f7aebae55146a7a518e7122de27f4e2256de216
SHA512

d4778a581a2abd9bd63d7672bef06d0622c55abc783a893c44bc1416753f50ccc6e65c8122a5e5db316b580d3481524c234cb04320b5845d093760c6f68aeba3
SSDEEP

12288:/8SG1CYwH8iiZdfrXg+JwuKt/S/60Abv5jAGq2amJO5fG2gjHy:kSG1CYXiifw+Jwz/S/6lAS/JOeNjH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
SharpHound.exe

Files

SharpHound.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 700KB - Virtual size: 699KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ