XieshisHydraVir[.]exe | Triage

Sharing

General

Target

XieshisHydraVir.exe
Size

959KB
MD5

f73a71a935eceddef6a5781f28a48e11
SHA1

e32579e3278fafc2b25ebd3480c5152797e9f02e
SHA256

6e43dd34bd2f122865a63bd2a14c70fe13b24210be349b97fdc81c59ad0f21e5
SHA512

e539f055056a256b591811861b8b73fa6935294a4d90b3696fb00dfb23a93f505e2112d6c3e0b0a681e0db7e52d6e17f246a3399613635617ae90f03f4ccad90
SSDEEP

3072:+e++5bh9fN2BNySnAg0o0gzE0u0gDSLKZIxbh9fN2BNySnAg0o0gzE0u0gDSLKZx:+ijNVZIxjNVZIxjNVZIxjNVZIXjNRdt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
XieshisHydraVir.exe

Files

XieshisHydraVir.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\Xieshi Zhang\Documents\Projects\Hydra\Xieshi'sHydraVir\Xieshi'sHydraVir\obj\Debug\Xieshi'sHydraVir.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 770KB - Virtual size: 769KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 188KB - Virtual size: 187KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ