Tajni_agent[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Tajni_agent.exe
Size

203KB
MD5

575661389c58c417d3397b613212ba31
SHA1

511abafddeb425ad5b0913cb35dcfb381b8c77ab
SHA256

0f492f083be81e21b9b9574e34c8c3e5aece2b77561041e103d89a228d57ccfb
SHA512

f63eadeacecfec79fc05f6018e294b9f9cfebdebbb17f780718dedf7b74489c48134e9750aebe4a9abc081d4f5027074307d58e95b840c2d6b89c62ec2932e4d
SSDEEP

3072:PI0nPvatfJ7MGVFUaD9i6RAQqf5aMXT5m67RpexEzJ/G6M4klj6n+RHcHr:PKt57F5TA53XTE47exEzJwjRROr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Tajni_agent.exe

Files

Tajni_agent.exe
.exe windows:4 windows x64 arch:x64

b4c6fff030479aa3b12625be67bf4914

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

VirtualAlloc
ExitProcess

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 132B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.dfsg
Size: 197KB - Virtual size: 197KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE