7def4915bc5aec299120d298f3d788be | Triage

Sharing

Copy URL Twitter E-mail

General

Target

7def4915bc5aec299120d298f3d788be
Size

12KB
MD5

7def4915bc5aec299120d298f3d788be
SHA1

5c2ca97ce12bcc46caaf6cb0dd9809353805a428
SHA256

7499238b57e29286193376ee9b3662af415cdb96b55a35184894eadddd554c19
SHA512

fbb3ed17d05b71c97bc4c50a83921103fc53101a748d7f171345d7404fb73af6a36b6f58c6efdde2aee3e9d2ae6f572b7a7d204ab6618f47c9a9a5cc8dbbc1a9
SSDEEP

192:R3KMzFnCC1KrKg9G0NOlp5T/jaBmzd5mKirqQQb:R37V1KrKg9G08zVjaBOd5mKirzQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7def4915bc5aec299120d298f3d788be

Files

7def4915bc5aec299120d298f3d788be
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\Administrator\Desktop\Pentest\PrintNightMare\CVE-2021-1675-main\SharpPrintNightmare\SharpPrintNightmare\obj\Release\SharpPrintNightmare.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ