ARC[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ARC.exe
Size

501KB
MD5

ef2b9b13ff4771b9908feb389cf2a091
SHA1

8b451412d9d227ef9609d6cdcf79bf7c09f00e76
SHA256

ae45df26e634cf192106f3aa342db39d1a1639197964f9473c4bbedd5b1f3dcf
SHA512

5db1580994e73e3dc41b58df229407262513ea4674888b955658a43e45fbbc42b255c0563b33413877fb8765427a9ede2ada73c5f85744f53c466a85ac810704
SSDEEP

12288:CXT8JuZVzluZVzpVvuZVzDuZVzbVDCuZVz:ClZJQZJpVWZJ6ZJbd7ZJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ARC.exe

Files

ARC.exe
.exe windows:4 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

D:\sdd\Code\ShrekAvatarRecoverySystem\SARS\obj\Release\ARC.pdb

Sections

.text
Size: 477KB - Virtual size: 476KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ