FBI Terminal[.]exe | Triage

Resubmissions

29/05/2024, 13:16

240529-qh75aagd79 4

29/05/2024, 13:15

240529-qhbq3sgd47 3

29/05/2024, 13:13

240529-qgclzsgc88 3

29/05/2024, 13:12

240529-qfn9dsfe2y 3

29/05/2024, 13:09

240529-qdzbksfd41 3

Sharing

Copy URL Twitter E-mail

General

Target

FBI Terminal.exe
Size

1.5MB
MD5

b9ef83925b2a904b5dac07fabfef018f
SHA1

8bff016224d55ae7307b8af6cbdba2c21b622163
SHA256

6bf354a40ef3a4ccb3007eb1075f566fa5f1d42ea7f7e215c2467af88bdb83e6
SHA512

1de09a9bed3c09d19defa96e8fa9b760958eda79f8cbc8e68eb364213dc4bc95ecb8a654bbfc70d4bba597dbe53ba64055f8c795c966df56a7928d31d28ce6eb
SSDEEP

24576:nyxp3Jc5XvbScsiJ9BJyxp3Jc5XvbScsiJ9Bsyxp:ypmh2kZYpmh2kZfp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
FBI Terminal.exe

Files

FBI Terminal.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\PC\Documents\Visual Studio 2010\Projects\FBI Terminal\FBI Terminal\obj\x86\Release\FBI Terminal.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 161B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 363KB - Virtual size: 363KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ