debaf6ffda7920d303b427c48d2f3aff | Triage

Sharing

General

Target

debaf6ffda7920d303b427c48d2f3aff
Size

35KB
MD5

debaf6ffda7920d303b427c48d2f3aff
SHA1

01372c94a8797c6767955f1db0c272ea002b3dcc
SHA256

8aea9fae5a7b62d99763b60f9ac0268f11bced007aa677829e4570ed32992a4c
SHA512

a064858b1e52bf010346ecae7fbd3df382e187286d2f944c29843c120f228f745276d766dd999a7fd8d37f95601fb1f4ab4bf84f3789c75db0eabf951a8abda2
SSDEEP

384:CFpTaoN+I45TWKfxEAKVxiRzV+lddznvQuZganEsD9MGa2yCIsZZF0UOkFTVg5kX:nI4wKpBzaddTQwEseETiiO5pSk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
debaf6ffda7920d303b427c48d2f3aff

Files

debaf6ffda7920d303b427c48d2f3aff
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\ZoulouTChang\Desktop\Auth.GG-CSharp-master\Console Example\Auth.GG Example\obj\Debug\Auth.GG Example.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ