dixxy bypass[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

dixxy bypass.exe
Size

3.5MB
MD5

82a624df615abde80a5b9effffd5eae8
SHA1

7c80fb2e5dbc6dff4cafb69f9251603721468374
SHA256

48ae680ab1d8d2eae9e7ffd7863287c19820a6f27e0c6bb38f545594577ec826
SHA512

2b69c724eccb579cbb9571244a30668ea53964470ec120f0d6b5f809c13c92cef1e84d1007ffa5bdb5e64a2ae7ba60e65ea68b112b0bf45fa1346fe8e12a3df7
SSDEEP

98304:4cbgIPxIPxIP953Vl6CqV0pMppBuoG4yOkIKljuAW:4cbhqqLvnqmpwz+ZW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dixxy bypass.exe

Files

dixxy bypass.exe
.exe windows:4 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\david\Downloads\StoppedMain\StoppedMain\ag\obj\x64\Release\ag.pdb

Sections

.text
Size: 3.5MB - Virtual size: 3.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ