XB36Hazards Launcher[.]exe | Triage

Sharing

General

Target

XB36Hazards Launcher.exe
Size

4.5MB
MD5

d7fa5514b7db10a7e7b6241747d59694
SHA1

c09d7316a52e63577d9819bfe699bf25efd073ae
SHA256

31d054b969f3a7824714cb7a9d346b2758e17eb556d8dde49dd00e6d2a94c232
SHA512

f748cab407ae617a5609ee77117e9522e947c1a6462156cc5fbd76c8623ce2ef05f48381e55f05702a3a0cc25f9af55e76e7a3a08f892b81611ed11ff5038c3f
SSDEEP

98304:fRlrxS1ngLfwQH9faVuskghQ+F4Cj5k+biapSEYhxISDfnH63g1+D7m6Z7mn:fRVxEnhe9izkEQXCj5z8p6wCm6Zq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
XB36Hazards Launcher.exe

Files

XB36Hazards Launcher.exe
.exe windows:4 windows x86 arch:x86

Password: Name: XB36Hazards Launcher.exeName: XB36Hazards Launcher.exe

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\XB36Hazard\Documents\Visual Studio 2015\Projects\XB36Hazard_Launcher\XB36Hazard_Launcher\obj\Release\XB36Hazards Launcher.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 4.5MB - Virtual size: 4.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 51KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ