Krampus V1[.]0[.]2[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Krampus V1.0.2.exe
Size

7.6MB
MD5

4682475d9c1406cff22e50e9eb71676b
SHA1

9cbf7bcc2029b46b868e7267cfaf68ff33729a52
SHA256

285d0de926fdd560d42987824ce4c251342077327607c2f112ebff664be5c612
SHA512

988135b23c1b796184ab952501c2738033c7ae3dec9176be16c2726848561282916a55231f238b0e28da9f7b068bd1b4f40e69d3604d2177318d062ca335ec26
SSDEEP

98304:9vrSc0SbSMt+dnz8JjHWxJHRLIHzcrmpliRYOeTjcIJ1IlhlWu8hK87N7Ceg6H0I:MMt+dnIdHWxdKHoYOeXRihlWu8YgoPI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Krampus V1.0.2.exe

Files

Krampus V1.0.2.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 7.4MB - Virtual size: 7.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 166KB - Virtual size: 166KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ