808b4d7e7be9c0331fa4197371f3df0345f5b816d99e7b204c72f2e0879a2aab | Triage

Sharing

Copy URL Twitter E-mail

General

Target

808b4d7e7be9c0331fa4197371f3df0345f5b816d99e7b204c72f2e0879a2aab
Size

3.3MB
MD5

ce261bcccc3d7568811f3eedb08cf1de
SHA1

75114e9661386cc09f9eae749a6157e7e1f25ee0
SHA256

808b4d7e7be9c0331fa4197371f3df0345f5b816d99e7b204c72f2e0879a2aab
SHA512

9814fc117444f7379918630f1c397711cb230b30dd6c2d81e35d5bb7a5ecd5e66f7752e0fbd4b910a986bb112640935887e5ea50a6f55445ed553176bfaed17a
SSDEEP

6144:KP4zJgaMcqxjpvuv6srf6Tg/OGD9b8ZAVPQCZuG78Tlc1mwlzKy8KytObpUnEKyT:84z6aMcqxtuvVu0PQf2QibCaCKBS55W

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
808b4d7e7be9c0331fa4197371f3df0345f5b816d99e7b204c72f2e0879a2aab

Files

808b4d7e7be9c0331fa4197371f3df0345f5b816d99e7b204c72f2e0879a2aab
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

W:\ws\tpdiag_20240223_190610_CET\ThinPrint Diagnostic Utility\obj\x86\Release\ThinPrintDiagnosticUtility.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 3.0MB - Virtual size: 3.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 363KB - Virtual size: 362KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ