bypass[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bypass.exe
Size

1.2MB
MD5

d17fa6d243a8273374c4dbd2512c923d
SHA1

2fbe757863a4676e355fc347d253166380ec4058
SHA256

c8eeb8e8a96ac195d8b6f954fe2f7efd27f2cc0f6dad81216619494084df7842
SHA512

e827b6918344fa912a99f1c2a8239588a0312d0a6d2e229fbe3a12a99361ae7d3703416119041f47ec50fb8234cc47ef110ac160a9ee443cb6a9310a1c966e70
SSDEEP

24576:NOqc6x8e9T5dN+pZIELCRbuO/2Y5TR+uRklyFoBkkA:N3c6x8ET5daZ5LUbuOeY5RCAan

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bypass.exe

Files

bypass.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\future777\source\repos\grabber140\grabber140\obj\Debug\grabber140.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ