Hitler[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Hitler.exe
Size

83KB
MD5

d77f307251c4e5b7e6b2a5620f31f8bd
SHA1

19e2859f6e1e8e229181484319a580b548a11c95
SHA256

cc19c3241f7e32532218b47a621622c832ba4cb34006a3729c76fc3d45a3de3d
SHA512

c2e9d63d80071f2a2c33ce7b628c6a7df19ecb4b76631fb496b05ee60835f39741476b76da0204e03da288869419ed59e064573c875eec7626c9fbec7e09cf67
SSDEEP

1536:1dD86MqUasSS22DX5t8cM4gLP+NsOfL/1TqBk/3XU155cNQwewC9gPYgx:GDX/jKvQ/XU15rgQgx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Hitler.exe

Files

Hitler.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\Louis\documents\visual studio 2015\Projects\Ransomware\Ransomware\obj\Debug\Ransomware.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 62KB - Virtual size: 62KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ