Sentinel[.]exe | Triage

Sharing

General

Target

Sentinel.exe
Size

1.7MB
MD5

a991bca8b1b12edcef7ea9365083910a
SHA1

c2a87723dc3a20162e84062fd3420c07be74f56c
SHA256

7a6e7ce0b1d27034eb2743bb25305b2ac9a9a950b3ccbb43d5d3c5ba2d43122d
SHA512

edf63d41a1b2bdc5db90bbc33254a400c3ab182fd8eea530c326907208857a3a58fe5fa379934daf41423576f8b589a41541c62f302cbf04028251fe6faa7e4f
SSDEEP

24576:6Z8lPrl9NaJd9N11gdlCaGApu8Fk1VM+q2fv3BrUIQxgcEQXwBNtr91L8Cu:bPpuW7G98FkPMYv3Br6ZDStp9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
Sentinel.exe

Files

Sentinel.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\ChunkyCurry\source\repos\Syntinel\Syntinel\obj\x86\Debug\Syntinel.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 106KB - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ