Orbit[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Orbit.exe
Size

7.4MB
MD5

9a8f8b703d96ae5282b5e8eb4bb92760
SHA1

7d1942b715a06cc3a44247e33cbc2ac35ede464d
SHA256

60ef1329106e15b5340de32e78c018996d732ec86e2a9c553fdc6ca13250b4c6
SHA512

46c00f20f4715e954cfaaf9bbb438e630594a5ac9d1ed3e4f0edb16739ef5e7f548e623947b7d4efb55c70bab73516c352f470bae0c9992ee660d2cfccddfce9
SSDEEP

98304:pnMiHbalWeWP84rAJzM0gLIRfyC7egWJjqZ3UiJ9xbxxkqXf0FZ7YW:p7OM8Wb0guhegOwVHxbxxkSIZ7YW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Orbit.exe

Files

Orbit.exe
.exe windows:4 windows x86 arch:x86

Password: 123

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\ninol\source\repos\Orbit\Orbit\obj\x86\Release\Orbit.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 7.4MB - Virtual size: 7.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ