ItroublveTSCV8[.]exe | Triage

Resubmissions

02-08-2024 22:44

240802-2nrv2atdlk 9

02-08-2024 22:42

240802-2m3k5stdjk 9

Sharing

General

Target

ItroublveTSCV8.exe
Size

2.9MB
MD5

04d9deab1ba92eecd071d6e47e360dd9
SHA1

73ff84e18d53babcc61699501b0ebc68a1420661
SHA256

030ea9a39d673500d2cdb7f5ba377aa57e535b7327d28a1d84763ca58b72684c
SHA512

738e67e97f4a159e9c376ba458cfb908c9782325ca6d9ebb101a5135335fcb784e4fbe7123dd182b240896153dafeaccb2b165f4f4bf8b2a8ae0b5f21407756f
SSDEEP

49152:/smhnqAs9pJc0dnKh+Q0N1rs+vIUSg+6+8ohnRh1Na1OKM6nYAKhFQpSH3Oh5gxr:pqXpy05Q0N1rsYSZ6BoXh1kkypSH3Ohs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ItroublveTSCV8.exe

Files

ItroublveTSCV8.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\Users\findl\AppData\Local\Temp\bin_copy\obj\Debug\Obfuscated Name.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 2.8MB - Virtual size: 2.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 79KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ