TIS_RTSS_Client[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

TIS_RTSS_Client.exe
Size

344KB
MD5

f38bea667683adb26d4f070a48c99e03
SHA1

9b95ef363153b406b038362b646ed052dff4e4f8
SHA256

5b7999c9288f8b60dd90a5b67f11b2f0f1033dcf063ef41791c5bfc3d8b7572b
SHA512

f8ac0d7514acc82a82f7026710166dbb0862aba25ecd2311792f7b4c451d8b90a4407fc00bff72f6e23ddb48fdd2fac418e8b22a55ba88fe7bb5f56bb2b6822e
SSDEEP

6144:cdJLpPf/+zbLrORzyDtc96YxGrmJn3uLr/+zJLrORzyDtcbm:uMzb2Rzy29XfuLKzJ2Rzy2b

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
TIS_RTSS_Client.exe

Files

TIS_RTSS_Client.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

D:\TIS\電子帳務版\TIS_RTSS\TIS_RTSS_Client\TIS_RTSS_Client\obj\Debug\TIS_RTSS_Client.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 260KB - Virtual size: 259KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 83KB - Virtual size: 82KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ