Ёлочка[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Ёлочка.exe
Size

400KB
MD5

5868594af1962dd052807089ae05a862
SHA1

0c75301f4160c70cdf5809149955cce923d6465d
SHA256

b9509b350513758326050751f233f583212f7b03bb62837dc4602cc3208098db
SHA512

8bc81408f136bc15da3f80a865b25610ab69c425aa54d79d60724d068452b38fa25b5356597f263e14e67f40023295a1f5edb64a1e06ee87899fc30bd27b4fc9
SSDEEP

6144:XltBkq4jG82LokJncIZnBpr9i6DeQo+AESIZ0ibMiVSie5JncI/nBpr9i6DeQo+:1tn4q8qVYpV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Ёлочка.exe

Files

Ёлочка.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\Vlad\Documents\Visual Studio 2019\Projects\Ёлочка\Ёлочка\obj\Release\Ёлочка.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 299KB - Virtual size: 299KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 99KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ