Optical[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Optical.exe
Size

229KB
MD5

4a5657a7c130d81d71cc805c378b3c70
SHA1

204f70bbcf1ce2f73384f7f729487fe243d1bc7e
SHA256

47472616fa8b730050b1776059499fb022c5ebbf1135c7de170d6b638b5a509c
SHA512

a733263f6d20075ac6dbcf0c7e22b8c2ded99995643665328f176ba2d47fbbe20ea6ae9d07e5f7d83a160e6fa123ba8e4c57ef315d81077fa8341a137958d2c1
SSDEEP

3072:cjgKISG69en4azzzzzYzzzzz5D76ZPwLX1TtQQXR7Br5MBrauvq6kI+G7JpxOiEc:+R9e4P3a+bBtQ/NpQiEt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Optical.exe

Files

Optical.exe
.exe windows:4 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\csher\OneDrive\Desktop\Optical\Optical\obj\Debug\Optical.pdb

Sections

.text
Size: 218KB - Virtual size: 217KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ