svg[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

svg.exe
Size

14KB
MD5

c2d6323433f12640399369365afb7aba
SHA1

e47996715af29f5a49dc17308cc4dc6ba84a0356
SHA256

bd581808755c3956156c48035e15aee1981776c91c66b2e773b053f70715e0bc
SHA512

401e1aef1f68fcda8bbdb301852b6a263b6d27ec31ba2096226f42cb1ef7db832992e00babc5e526d3ddee9fc53f348ca2cfaebe07490b4d3a1c34d5c1930b33
SSDEEP

384:tB39wbVfEvHMtUGlsbX4lAMwTGlrA/PE:1wZsMtUGlM4mMwTGlIPE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
svg.exe

Files

svg.exe
.exe windows:4 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\rootreaver\source\repos\AutoSmuggle\AutoSmuggle\obj\x64\Release\AutoSmuggle.pdb

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ