ttt_protected[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ttt_protected.exe
Size

92KB
MD5

a7c8e90e9c06625f808a6f6e5fe4775b
SHA1

ff6749f20753f44ed73ab6b36789d820c0b624e9
SHA256

4c0f3b5453809a6eec5133d2f723fb1cecd88cdea333788d388c6bc136a6cff6
SHA512

b1000d51951d9dc1586154e677f537c1acec6f24e862e68fb955189b27d3afd05a000cc5f39d93e622551b997df0bd990135431206aa142a8252661497bf0025
SSDEEP

1536:PgVsUtzC6QQYPaaSYaOen7RL9d2Iq9srUKaPykvRxsHgY2CSIZing9DbgcWqdaoj:PgVJt26Aa5h9uDKaaLAYXSIZPxbgcWqf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ttt_protected.exe

Files

ttt_protected.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 90KB - Virtual size: 89KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ