CD_DUMPER[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

CD_DUMPER.exe
Size

237KB
MD5

80c8a38fe9b8d71c7f1c40812e7eb3b6
SHA1

a5197938b98b81f5e5ab51df9e58cbfd1d5fee5a
SHA256

99e95899dfa5fa700d4459a5125c98beb618f3eaf672bc708ecfec429acde3a2
SHA512

87cad681c193f0588ccf4c3649c346dcdc529abbf618beef8ab578e01a67b16a5dbdc8ae0c8477e92233d521fc114be9469cebe747dc81ff6af79198c91917d8
SSDEEP

1536:HFoLb/Au+114b6MEPgArzWLxP3BDt546pMSIBMeoKiV2e9ejvMUsc66cjd0NzAvQ:l6bou+D46NgArzqD/40MSc1cMotIFR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
CD_DUMPER.exe

Files

CD_DUMPER.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\Rutkuli\Desktop\Fivem-Dumper-master\DuperUI\obj\Release\CD_DUMPER.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 151KB - Virtual size: 150KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 85KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ