hitler[.]exe | Triage

Sharing

General

Target

hitler.exe
Size

10.0MB
MD5

be9b8e7c29977c01f3122f1e5082f45d
SHA1

c53a253ac33ab33e94f3ad5e5200645b6391b779
SHA256

cb6384b855d46fe5678bb3d5d1fc77c800884f8345cb490e1aa71646e872d3ae
SHA512

91514128a7a488581372881a556b081ad920086fd43da84188033f0bd48f294199192b753ec691c2cb79072420b346f767d9cfb4ef2d119ca1e345d65df8dc34
SSDEEP

196608:2+pelNMXq98NJb96V2YkR5IWBPOBJ4KaNzP2aX1HfNYRwBNo8YhrqE:bpeZ98bB6YYkR5DFCJwNzP2O5mRw/o8a

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
hitler.exe

Files

hitler.exe
.exe windows:4 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\Shirama\Desktop\Meatspin1\Meatspin\obj\Debug\Meatspin.pdb

Sections

.text
Size: 10.0MB - Virtual size: 10.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ