chatwithus[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

chatwithus.exe
Size

94KB
MD5

794611fca6474ec37bbe5dbff3b475ab
SHA1

adacbabeac5b164bbe30d441efde2daee3a878c5
SHA256

4f6ccc3d4a62fd0cf7af7ed63ac12f90f46261f251cab3dc2783cad4674a9e05
SHA512

539669178baf248a9d992d595d29e9b7b0286b4a78e5140c7a09bc253277492fe7e61b32f3e5885d8e65c5ef76d733ae9c73f3d9de571e4e0ac079f5408ee698
SSDEEP

1536:fbsbfRKrE4FG4qWE0lcdCgJiWE0lcdCgJ4skgx:fbs0rlFG8oBJJoBJ4dgx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
chatwithus.exe

Files

chatwithus.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

E:\malware\theZoo-master\malwares\Binaries\ShellLocker\ShellLocker\obj\Release\chatwithus.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 89KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ