nyx[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

nyx.exe
Size

300KB
MD5

7b36c75b259fa3f801ab7460c2a390ba
SHA1

1163d2574f370c9a0fa53eac2a24eceedb3bc6b6
SHA256

d74abafa96478cd9a0907f9f2c6f2d1d9bd5e215fd54194fc5af61ba86c4253c
SHA512

9428cdfde0259121c33ff8eb9e9ae682ee3fb1c5b109a0109cd44095c7397751f0bfaa44182b4f7837a1b92a3569bebffa1855d542224cf20936bc56a86b0c14
SSDEEP

6144:UOG0eYSomwhQKJpwVxDlFfA2tYLUNdbDBcKG5IZ0ZCNw2skg:80Io7hQ3vo2qgLxG540Q0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
nyx.exe

Files

nyx.exe
.exe windows:4 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\ourko\source\repos\pookie\obj\x64\Debug\pookie.pdb

Sections

.text
Size: 298KB - Virtual size: 297KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ