TTKG[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

TTKG.exe
Size

4.7MB
MD5

8930eb0eb0d279eb3b65c692a6422d0d
SHA1

955df36655c7413fe54fb4d2043add6a8c2932bb
SHA256

b1da941dfa9bc0ec0f201606cb12e6ed8a5623e6a068b8ea96856d269493735f
SHA512

1aed38c133df1a517000d17bbf69a682e0dff19aeef0eb390b54b02339bc3b15eca5268fc14f04da8a906260c2bf500294a67591e9a51555a761dd32ee3d1d80
SSDEEP

49152:I8JNzlG4gR/LYrzMg+HwPoYoCHER1UBoG3zw/neEkkqQS/ykSxU4:TlG4I82UtHEtkk/neEkkqz/dF4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
TTKG.exe

Files

TTKG.exe
.exe windows:4 windows x86 arch:x86

baa93d47220682c04d92f7797d9224ce

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpy

comctl32

InitCommonControls

Sections

Size: 1.7MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 165KB - Virtual size: 164KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

qcgkwvbv
Size: 2.8MB - Virtual size: 2.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

diiixaqz
Size: 512B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE