Rookie-PCVR[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Rookie-PCVR.exe
Size

921KB
MD5

1c4c7939b0a3d5a371b6004b543c0a56
SHA1

fc44e85e02c0ffe75035b5b0b3c5b77ed7148a09
SHA256

0072af14ad563cef549f8f9c0fcb7485d4776e0e38444aefce0c6a5b281764d0
SHA512

02149a27430f82739e7fbe5c778a132ba4fb049ecd1df09164c84908099f05b9015b1ef0ad6f360dffd67e524ddb53c600f92c1e31c737aa8e04e7bec2e382e5
SSDEEP

6144:3Ibz3ot+NuM3uBJgUpL8SNFDu/O63hGSb/DB5pr0+UTsWkef1XwxQ1GA/aMSbn9n:kVuHp5bu9TlLfUTdwq1h4JyTO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Rookie-PCVR.exe

Files

Rookie-PCVR.exe
.exe windows:4 windows x86 arch:x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Sideloader\Rookie-PCVR.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 517KB - Virtual size: 516KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 403KB - Virtual size: 402KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ