SScosmetic looder[.]exe | Triage

Resubmissions

13/09/2024, 17:13

240913-vrwvtsycqj 4

13/09/2024, 17:06

240913-vmdhpayark 3

Sharing

Copy URL Twitter E-mail

General

Target

SScosmetic looder.exe
Size

60KB
MD5

d191e0bdc3dc7c6ca03ae2670b85c0f3
SHA1

00f5e363343f3525af23ed081b200c51b987deac
SHA256

6d87082d0c8357d979c23e6d58f129452949142fb489f228308ef2afe101346d
SHA512

45f03600f095f65d4729775c260c6e10905b2fbea6df467f539519c728416ba32b638cd0162cd362d7db9dc37bde128c08e14e7293a3e8757177471cab537fad
SSDEEP

768:RM0FSG0d39km8Jav3oMkp7REE4mDeRu7YSB9chytI/RmcJVF18ILMR:RwBdZwav3oMkp7R54mDeEzJWccJV7vA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
SScosmetic looder.exe

Files

SScosmetic looder.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\acest\Downloads\INJECTOR_PUBLIC_UPDATE_2\INJECTOR_PUBLIC\INJECTOR_PUBLIC\obj\Debug\INJECTOR_PUBLIC.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 57KB - Virtual size: 57KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ