oTfjRHJdWzffhcnPGd[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

oTfjRHJdWzffhcnPGd.exe
Size

117KB
MD5

f5f9f9816c6df0f3e77d2c7dc06d3870
SHA1

64b538270f5d509737e86191ccae8c388da58a7f
SHA256

5b9048d6e4a6f65fa2913d2c16e22c4c603cbbed7d4a4aa0b6ffafe22b2c55f9
SHA512

bc393ec7d9b683baf50bbef1f9eec1d6b17ff859483ddb482cbd0d3f156856b4fddc93dd669f7aedf6085b7033fed8f7b35b8d2b753930a224c76156bdf161b4
SSDEEP

1536:8cpl477ZjAyjbXwyc/qixqG4A93dkBMsvpq2Y0MZr3HbgQyr:fpl479jvXXwyczxp4AFCYxZDbgv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
oTfjRHJdWzffhcnPGd.exe

Files

oTfjRHJdWzffhcnPGd.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

PDB Paths

C:\Users\Administrator\Desktop\Outputs\oTfjRHJdWzffhcnPGd.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 108KB - Virtual size: 107KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ