debugbreak[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

debugbreak.exe
Size

2KB
MD5

9f8a102f0c8a632edc00751c210ee03b
SHA1

ddcf1ba02c936d992de13ae56f52df9bd2217092
SHA256

a4775bca9ed9742e7683ad3009835ef17a7c221afa85dc9890c8a5a4664ad741
SHA512

21aa39a0622998390ac6750107f9ce4d6829be05b06796444253bda54127e716a9857ccdb8e33748966b2aa274f778461360ae45bcfbc74398ecda03aecb051b

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
debugbreak.exe

Files

debugbreak.exe
.exe windows:4 windows x64 arch:x64

65c73b23869de688e397581b6801cda1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

CloseHandle
CreateToolhelp32Snapshot
DebugBreakProcess
ExitProcess
GetCommandLineW
GetLastError
GetStdHandle
OpenProcess
Process32FirstW
Process32NextW
WriteFile

Sections

.text
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE