C:\Users\furystark\source\repos\porch\cmd\obj\x64\Release\ampozpwd16.pdb
Static task
static1
1 signatures
General
-
Target
porch.exe
-
Size
10.4MB
-
MD5
b39d45575db53b6919ccc3b62813df4f
-
SHA1
cc1155a3a991f8f7d84f4008c0838249fe6c2e5f
-
SHA256
a5bd94b85484fc65bbc096f73ef8450fa20467a0d45f0100a96dfb1981bf7cff
-
SHA512
cbf6db9300a6e8b9b58120490331ee39169506a8edb23529f3b1d648c3b28ac635af7f35addeead51ae56f8470fa23855d634f1250a2d93175d29b66f242ed19
-
SSDEEP
196608:Detqz5Xk38tQ9RB7QFTBHRFqzof12qYR0RO8L+c4tVhBmOw3HwOg2JFCYW94:qtqzpaBcZBHG82qYbc4w3HwOg2s9
Score
3/10
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource porch.exe
Files
-
porch.exe.exe windows:4 windows x64 arch:x64
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
PDB Paths
Sections
.text Size: 10.2MB - Virtual size: 10.2MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 265KB - Virtual size: 264KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ