Troll[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Troll.exe
Size

15.5MB
MD5

91464f279c611587ed348c02eddfec15
SHA1

54587a075043a6f69e65e6a2f0aeface4a371110
SHA256

d1ba5cb07b3b06c0ff97845c06aec5b30a5bd1025c21fa6e7289bcbf5d2670fb
SHA512

980a076ac2173e6cc886ed803d7b08d2da8bf19809a77d322799c5f689f91620b6f377a9b610e860e30ac3a4e02ae3dc764605765c2ca3a2c73ab4d603555003
SSDEEP

393216:z3tumM2+LUduaCYcqcnl42+EUduaCYcqcnls3Num:z0mM2+LRdL9l42+ERdL9l2Um

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Troll.exe

Files

Troll.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

D:\Documents\Programacion\Proyectos\Troll\Troll\obj\Release\Troll.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 15.2MB - Virtual size: 15.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 297KB - Virtual size: 297KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ