PhantomSolutions[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

PhantomSolutions.exe
Size

4.2MB
MD5

c0886fe28de0b45fabe9428ab2f8be92
SHA1

f0dab6ff77b377aa7c0d9e9d12a1b492081cb746
SHA256

8c7b7b902c18a07fc8de74e45630167b035863d50f79cb31ed6a014ce81a3888
SHA512

1480637b19304ad2578f35af375cbfbd46dfa11cfca7fe3b6199f6cc325a6c1efb12a6678dd79c7cb2cedcb67c42ddf355bd3a74326a8d7d0ca42d03d66aabf4
SSDEEP

98304:5d7m+ij9HD0+jCihNRkl/W6aG/wcKnfu8NUT6K:q+y4ihkl/Wo/afHP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
PhantomSolutions.exe

Files

PhantomSolutions.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

E:\rat spoof\Phantom-Solutions-Perm-Spoofer-main\PhantomSolutions\obj\Debug\PhantomSolutions.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 4.2MB - Virtual size: 4.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ