pesto[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

pesto.exe
Size

43KB
MD5

96f58804f38a339ddd62496533dd4a64
SHA1

7b0947d4d5d4fa739e1fd8ce932e01e44ae75588
SHA256

1220653f44ff074a37ec92ba8a1ce9ee6cab1311dbcb7201e3aa4d390cf4867c
SHA512

1d6964280d5f2d5a7d1096584703573552c592b4f33bfa41e4b89ee1c94fa1ed551d285f6a27619bf01344b28fe33bff0dd7b8f0c6c4a11f75fcdbb634f92216
SSDEEP

768:5xQ4v/nanKNEZC9JKTS0xaamcZ1qY6SwdE:Xv/nAMEZCJexaaxHqdbE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
pesto.exe

Files

pesto.exe
.exe windows:4 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

F:\Sources\fivem c#\SkypFivem\SkypFivem\obj\x64\Release\SkypFivem.pdb

Sections

.text
Size: 41KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ