TelexCopy[.]exe | Triage

Sharing

General

Target

TelexCopy.exe
Size

772KB
MD5

f2168cd60deb04a9bd7817f31468e9cd
SHA1

2ddc74827c961308aeba829606edb7268808e4ce
SHA256

3da2acf6472e1cbc00e90110332f20a9c70d8ed0561ccfd4fe78322cdeeea5b4
SHA512

92a3009b69df37b01e06e471a8915fad5c2f868a87d014eb278bcc53504a18c66a9d352e0fcc335b93ba38608a4bb91d05e9a5fab7438c585d26e17b51e13e99
SSDEEP

12288:h4rGJKaRASEDRkQmnG2J7SEONrr+x3yu2bpPUCgJIhVyD4JgnJzG2wtV:2rae9Nk3GaSEOZr+x2bpcCgJI/0Y

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs
Checks for missing Authenticode signature.

Processes:

resource

TelexCopy.exe

Files

TelexCopy.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 662KB - Virtual size: 662KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 109KB - Virtual size: 109KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ