Baseult AiO Offset Dumper[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Baseult AiO Offset Dumper.exe
Size

667KB
MD5

c5dd739d6776881afa909e19b8bcd515
SHA1

80e212e5910b14d8ef8accd037c7daf3383fb7e5
SHA256

51c8e36b83281e33e2c3f5f352b10b961c23a502854070eac8a15c88b9a3bd70
SHA512

18a91f19138744023b02dd7db8dc2c0fd54e0078caf61edb7ee6e4bdd00f1879f44a1bccf0eda665f5c34bb8c42df1f24a309744df760f58f3777bc99a4d0d6e
SSDEEP

12288:sgftky3u8HMmhlTEhb3nDb7NvH6AT86hZss7GsVCj9Pz9vUQ3RryFot2wkda7EY3:HfeE0mvTSb3DbpP6Ag6fssys4j9Pz9vL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Baseult AiO Offset Dumper.exe

Files

Baseult AiO Offset Dumper.exe
.exe windows:4 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\Baseult\source\repos\BaseultsOffsetDumper\BaseultsOffsetDumper\obj\x64\Release\Baseult AiO Offset Dumper.pdb

Sections

.text
Size: 661KB - Virtual size: 661KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ