Bypass[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Bypass.exe
Size

39KB
MD5

fee315c63e4d23dff483c18c3cf67c82
SHA1

5ea22d2b6079851ee8ef5888e3c6bb831433bef2
SHA256

efd78951465f0df7ec169a737767c4f392ccc2b8c1af008e2109528a74e1098b
SHA512

83fe705631e7a603683e730a71c89bbf1ec40526bdbf364204b21a7cb77e9224a2323ca30fb2313b993d4ea8be87a6ca4d9624d2920b7370ef4749c9454869a2
SSDEEP

768:Fymk1YbOIkpn//z9N/zl9/zE/zv2qQ3zg6cccTqmRRbmRRi:I1Ybrg//z9N/zl9/zE/zv2tc2WP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Bypass.exe

Files

Bypass.exe
.exe windows:4 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\s\source\repos\$\obj\x64\Release\Bypass.pdb

Sections

.text
Size: 37KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ