Pierdziadek Helper[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Pierdziadek Helper.exe
Size

3.4MB
MD5

b14c1b522f52456a6db5aaba476ef3a8
SHA1

ff5d3b3c16ddc54377275c988b0b3c81180ee4a5
SHA256

ee45d85fe3fd10e74916d1ff8d95f13f181cd1f995b689b227e40937316c38fa
SHA512

f2070f60a6a892ea9b3351d6100c79d65b375b30ddb9ea539fd40cd7a83e76063267b5c07f2f81767b9c691f64e218f896e8a40c106018bf109c1da1d7b1e6a9
SSDEEP

24576:JyFqcrERpbFMfUrKaVfC8wtxX+/3qlrCNoh+UqgIwhCNoh+JR9FrIJJpCNoh+7HL:JM8p1NVfuxO/iJe2URoGiBzjErZB

Score

1^/10

Malware Config

Signatures

Files

Pierdziadek Helper.exe
.exe windows:4 windows x64 arch:x64

Code Sign

61:ca:cd:f6:38:6c:50:93:4d:fe:43:b7:e9:0e:13:f5
Certificate

Issuer

CN=Pierdziadek Helper

Not Before

09/12/2020, 19:44

Not After

10/12/2030, 19:44

Subject

CN=Pierdziadek Helper

ad:86:c5:ee:01:44:98:fc:60:5d:5f:c1:04:4e:25:91:68:95:15:f6:3e:d4:96:33:f5:ff:20:d8:0f:f5:c6:4d
Signer

Actual PE Digest

ad:86:c5:ee:01:44:98:fc:60:5d:5f:c1:04:4e:25:91:68:95:15:f6:3e:d4:96:33:f5:ff:20:d8:0f:f5:c6:4d

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

.text
Size: 3.3MB - Virtual size: 3.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 102KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ