UncrackableHesa[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

UncrackableHesa.exe
Size

3.5MB
MD5

54068fb4811b041f627e641e2ff38bdf
SHA1

2f74490c2cff34c44857e8cc31bb064d19b615ba
SHA256

75be31651fe0b01aa38e21a15c08a76495c22cb9f467fc4fff197dd0201613b0
SHA512

1038957f350ff0cb6aa81df9e23716f53e7219f2506acc2fd093253112f262a306708ebc1aeecb1592e4ff4ce4bfc33abe28596d07da16e6a2fce7c829c4d3b9
SSDEEP

98304:/oopgZVQTwuuRSspPn/PjvwBEHTB0Gj4o8C:QUgZIw6iPjuESc4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
UncrackableHesa.exe

Files

UncrackableHesa.exe
.exe windows:4 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

Size: 224KB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Size: 512B - Virtual size: 768B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.xhesa
Size: 512B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.hesa
Size: 1024B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.hesaxxx
Size: - Virtual size: 5.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sexy
Size: 3.3MB - Virtual size: 3.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ