jpg[.]exe | Triage

Sharing

General

Target

jpg.exe
Size

40.0MB
MD5

fa2902f87868a496e05c1fca74ab501d
SHA1

891f8f932419c3845ee3dac6074761199079e784
SHA256

87f70c32b39eb5afbbe12ba34ec50d96c6cb6a8814e1d6d6108f62349e633f8c
SHA512

81057bbaace250d94f7b2f086cdf1bb7733da16a654b87c1642b81cb8553be7fd4cd0bd321d9116701b47b9613f8c858a663cd5ebd7e0b7792de57a92f5f3cdc
SSDEEP

786432:c25XIWlenl800y256F9DEPS3aVqzMsQMIKLKbkKfCkS3acp:ciXD8lb3ksREa3a2O1Kacp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
jpg.exe

Files

jpg.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\Kapi\source\repos\jpg\jpg\obj\Release\jpg.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 39.9MB - Virtual size: 39.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 103KB - Virtual size: 103KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ