ShawtysLobby[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ShawtysLobby.exe
Size

18.3MB
MD5

41fc1163281c3b68be46b962a81c58bb
SHA1

1303e3e86e421f86bdfff0fdf2f7192bb2956d60
SHA256

3ba0f13406adb1a62cce05e6588e2077e70a7712cff8c084a45d8c6807fc1c18
SHA512

addf2a2dddacde382bb7008daee141e7d6efdfe0ccebf3de1dbb34aee26420e987186cc16edfaeab8d3c60e242f16f03c384969705ac1349e7e06c16f7f93730
SSDEEP

393216:ct6H4f7vQ6/fUe3CZyshpcvasskzTM12VEMpFXdTtbP9xOASv/L1aU:ccH4fL/MM8fcCsskXMGjphdxr2ASb1b

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ShawtysLobby.exe

Files

ShawtysLobby.exe
.exe windows:4 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

.text
Size: - Virtual size: 9.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.8C%
Size: - Virtual size: 13.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.Q_]
Size: 18.1MB - Virtual size: 18.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 194KB - Virtual size: 194KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ