Freight Inv[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Freight Inv.exe
Size

698KB
MD5

21a550c7fabc8b8a0d355c03d0ed8074
SHA1

384f21c9502123a2fafe69cdc128878cdb428fe9
SHA256

7fceea4595b755fbb229e382c964e9ffe917b148348e998c01ad1362f9caed5c
SHA512

ede9ec8c35a518a803784e1b71a3334e6f6db3df4069ab91c6f8f90eaf655ed8fcad9cbeb583049c55c5694bb46e90722f82795826e015c84895f7f573c0051c
SSDEEP

12288:TpFAXYMjhvPie/rByY7777777777777m9H50fKlKBkl9ZCAXUr1XchstW52AUvZO:TpFAXYMFniyyz/t8Bw+AM1XchstW52AQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Freight Inv.exe

Files

Freight Inv.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

vHHJ.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 696KB - Virtual size: 695KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ