Under_13690 Determination Sans fight[.]exe | Triage

Sharing

General

Target

Under_13690 Determination Sans fight.exe
Size

80.6MB
MD5

bfb4478e14adbdc73560e3b3cc912c02
SHA1

151a2910ad4220f7e61f4df7c700b2c7c410ec0b
SHA256

c585b032c17bc6b041e6b99e46b0b404bd79ae6546c464fe2ad6d0d07a69eb8e
SHA512

9fb86665ddeb0a7bfe60f8465fd58f0299cc7cda314a7d57b5b051fb28b943a29bf1d37f8e21b27f0aab6775880ca4823f13e9e1ec19cbcbc7d8e1feee158aa8
SSDEEP

1572864:XbtmTOloF8ICI+FyIfzVVIuCvG5pcRib0i4nZU7bO7dJlx1AhL1u1+sf5:xGuoFrEbLIJmWRib0i4ne7bgV0+B

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Under_13690 Determination Sans fight.exe

Files

Under_13690 Determination Sans fight.exe
.exe windows:6 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\a\GameMaker\GameMaker\GameMaker\Runner\VC_Runner\Win32\Release-Zeus\Runner.pdb

Sections

.text
Size: 3.6MB - Virtual size: 3.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.0MB - Virtual size: 1.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 543KB - Virtual size: 2.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

minATL
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.mydata
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 43KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.enigma1
Size: 75.1MB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.enigma2
Size: 272KB - Virtual size: 272KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE