9a75f187c9456a249db0db5bb6c2a8e0 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

9a75f187c9456a249db0db5bb6c2a8e0
Size

12KB
MD5

9a75f187c9456a249db0db5bb6c2a8e0
SHA1

45d01ddf2902b04e3190b543e334e273c8dbbe9d
SHA256

e62d001f618d7b50a82953b55faacea25fbc2ed0ce8c79a449920ee7de9b9c13
SHA512

04fa0dfaeea839921a2f86f31e742f77cd84d2895f48c787df9d38b448f4203aa15dfaffda7012bb48e26a0c586af05b530824ea4db5820bf5967a19ee92f084
SSDEEP

192:7lG4p4fyX6wtNZdYy1V1p/4RknpbLB4g33f0WHEgbFf:7GyX68ZdYmF/4Rkpb1HHfhlbF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9a75f187c9456a249db0db5bb6c2a8e0

Files

9a75f187c9456a249db0db5bb6c2a8e0
.exe windows:4 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

E:\免杀\SysCall_ShellcodeLoad_Csharp-main\SysCall_ShellcodeLoad\obj\x64\Debug\SysCall_ShellcodeLoad.pdb

Sections

.text
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ