TroubleShooter[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

TroubleShooter.exe
Size

140KB
MD5

2c38656cece13e8e13c38d7ce5cc2fda
SHA1

1644fc426701b9b9be27eefb29ddc93376834629
SHA256

afb1a8983aa6563e539e6f891136ea5c32cd7f622f62a6d15fe81f2c571d2c91
SHA512

0e3cfb5734f6b8ed9fa821a2ca8b4c16dd9f89ba7cec7edfef4abc8ca4f0da5b341a567c2661e24ad9041af9cab1a338e7fb2e7945e4690939865dc0e9bcc3e0
SSDEEP

3072:SqxkgqkwVRfuSLtRhOtkfAvKuZV0p/nH6w9+C3AhAsAeAuAoyOyZUilzUnvI4gXb:UgqFfucfAvXZyp/H6w9+C3AhAsAeAuAp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
TroubleShooter.exe

Files

TroubleShooter.exe
.exe windows:4 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\berke\source\repos\LK-Troubleshooter\LK-Troubleshooter\obj\x64\Release\LK-Troubleshooter.pdb

Sections

.text
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 124KB - Virtual size: 123KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ