Snowly_VRC_Tool[.]exe | Triage

Resubmissions

25/08/2024, 03:20

240825-dvra3svfkl 3

18/05/2024, 06:20

240518-g3294afe78 3

Sharing

Copy URL Twitter E-mail

General

Target

Snowly_VRC_Tool.exe
Size

2.2MB
MD5

82a1dfd93c2552bbbba25d871a120321
SHA1

c640644c8edc906bf97af5a0de552d28af891d5d
SHA256

0cd832f855f1709bff19626775ffd247e04efe0cd081d88de91ae74a9d8b41a1
SHA512

1c243620ef619c1675e71045e4518125f8bc5e7e33331c6f4c757561305d86520ccde3cf3005ab9154f38725be90dd5ae2f92d7a11127bffebb1835340e60cc0
SSDEEP

24576:SdHcdrAxarAxCrAxarAxarAxarAxarAxarAxqWTmGkM:ShkruaruCruaruaruaruaruarunmN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Snowly_VRC_Tool.exe

Files

Snowly_VRC_Tool.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 2.0MB - Virtual size: 2.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 238KB - Virtual size: 238KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ