MocuMocuDance[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

MocuMocuDance.exe
Size

1.0MB
MD5

b56deea627e5b99f23d3dac149c32c05
SHA1

dc9d86b7d3ce59011733eaade18d12a15a28a927
SHA256

d119e200dd21198a3c3657bc17b981c53a4635035be679638bda567e40eb7761
SHA512

b82427441d444088f587ba6760048ce473b79b3bd12f0e7f66a731336c130b2cc56093b20bc6cca793806347962c49183a8a2550185a84f159d592e44ab9e5ce
SSDEEP

12288:fduYuWpnbRrUXRC2HpQVSmBldzQvG8kN8pIG1qGkIQ82yi/fVPxjg9f3Z7o/z:lTbB2JQVSmBldzQvGGuyipdO0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
MocuMocuDance.exe

Files

MocuMocuDance.exe
.exe windows:4 windows x64 arch:x64

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\admin\source\repos\TGBT\TGBT\bin\x64\Release\ILMerge\service.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 1.0MB - Virtual size: 1.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ