Static task
static1
Behavioral task
behavioral1
Sample
ItroubleTSC.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
ItroubleTSC.exe
Resource
win10v2004-20240802-en
General
-
Target
ItroubleTSC.exe
-
Size
6.7MB
-
MD5
a43a7249dfe471610fb6bc963f22e868
-
SHA1
9b4caf613225d8266a448298bd46370b9b7e9a89
-
SHA256
8c221e4939325c83f4d92a9fe0e0b64133a224e91651f30bda1256cebcf59acf
-
SHA512
4734ac42c5908d4f3365f773c5a0d5dac0afd536a7d5e04db18ad5f87aad034a4064fe09dc44ce242036a7a1370498b5580e5b6c5521e8388618fadfe071df73
-
SSDEEP
98304:MqXpy05Q0N1rsYSZ6BoXh1kkypSH3Oh5Bemg:1405QYtsTEB08T8HehLv
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource ItroubleTSC.exe
Files
-
ItroubleTSC.exe.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
+cE7D? Size: 8KB - Virtual size: 7KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.text Size: 2.9MB - Virtual size: 2.9MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Size: 512B - Virtual size: 16B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ